| Risk Level | Number of Alerts |
|---|---|
|
High
|
0
|
|
Medium
|
7
|
|
Low
|
12
|
|
Informational
|
2
|
| Name | Risk Level | Number of Instances |
|---|---|---|
| Application Error Disclosure | Medium | 8 |
| CSP: Wildcard Directive | Medium | 18 |
| CSP: script-src unsafe-inline | Medium | 10 |
| CSP: style-src unsafe-inline | Medium | 10 |
| Cross-Domain Misconfiguration | Medium | 251 |
| Missing Anti-clickjacking Header | Medium | 3 |
| Vulnerable JS Library | Medium | 63 |
| Absence of Anti-CSRF Tokens | Low | 7 |
| CSP: Notices | Low | 10 |
| Cookie No HttpOnly Flag | Low | 18 |
| Cookie Without Secure Flag | Low | 4 |
| Cookie with SameSite Attribute None | Low | 9 |
| Cookie without SameSite Attribute | Low | 4 |
| Cross-Domain JavaScript Source File Inclusion | Low | 1511 |
| Incomplete or No Cache-control Header Set | Low | 38 |
| Private IP Disclosure | Low | 4 |
| Secure Pages Include Mixed Content | Low | 3 |
| Timestamp Disclosure - Unix | Low | 2617 |
| X-Content-Type-Options Header Missing | Low | 3481 |
| Information Disclosure - Suspicious Comments | Informational | 1232 |
| Loosely Scoped Cookie | Informational | 3 |
|
Medium |
Application Error Disclosure |
|---|---|
| Description |
This page contains an error/warning message that may disclose sensitive information like the location of the file that produced the unhandled exception. This information can be used to launch further attacks against the web application. The alert could be a false positive if the error message is found inside a documentation page.
|
| URL | https://cdn.jsdelivr.net/gh/bpampuch/pdfmake@0.1.27/build/pdfmake.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | internal error |
| URL | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | internal error |
| URL | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | invalid query |
| URL | https://cdn.justcall.io/app/assets/js/pdfmake.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | internal error |
| URL | https://justcall.io/app/voiceintelligence/script_demo_v2.js?v=%200 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Internal Server Error |
| URL | https://justcall.io/app/voiceintelligence/script_demo_v2_deep.js?v=%200 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Internal Server Error |
| URL | https://www.gstatic.com/firebasejs/6.2.4/firebase-auth.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | internal error |
| URL | https://www.gstatic.com/firebasejs/6.2.4/firebase-database.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | invalid query |
| Instances | 8 |
| Solution |
Review the source code of this page. Implement custom error pages. Consider implementing a mechanism to provide a unique error reference/identifier to the client (browser) while logging the details on the server side and not exposing them to the user.
|
| Reference | |
| CWE Id | 200 |
| WASC Id | 13 |
| Plugin Id | 90022 |
|
Medium |
CSP: Wildcard Directive |
|---|---|
| Description |
The following directives either allow wildcard sources (or ancestors), are not defined, or are overly broadly defined:
frame-ancestors, form-action
The directive(s): frame-ancestors, form-action are among the directives that do not fallback to default-src, missing/excluding them is the same as allowing anything.
|
| URL | http://127.0.0.1:5500/assets/js/ie8-responsive-file-warning.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | http://127.0.0.1:5500/gfranko-jquery.tocify.js-c5ef235/src/javascripts/jquery.tocify.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | http://127.0.0.1:5500/gfranko-jquery.tocify.js-c5ef235/src/javascripts/jquery.tocify.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | http://127.0.0.1:5500/insert_DB/write_file/$baseurl/app/macapp/dialer_js/dialer_transfer_live_new_csrf_notif.js?v=0 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | http://127.0.0.1:5500/insert_DB/write_file/$baseurlapp/macapp/dialer_js/dialer_transfer_fd_two.js?v=0 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | http://127.0.0.1:5500/insert_DB/write_file/0?v=2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | http://127.0.0.1:5500/insert_DB/write_file/sms_assets/export_table_module/table2excel.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | default-src 'none' |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors 'none' |
| Instances | 18 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
|
| Reference |
http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/ http://caniuse.com/#search=content+security+policy http://content-security-policy.com/ https://github.com/shapesecurity/salvation https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10055 |
|
Medium |
CSP: script-src unsafe-inline |
|---|---|
| Description |
script-src includes unsafe-inline.
|
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| Instances | 10 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
|
| Reference |
http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/ http://caniuse.com/#search=content+security+policy http://content-security-policy.com/ https://github.com/shapesecurity/salvation https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10055 |
|
Medium |
CSP: style-src unsafe-inline |
|---|---|
| Description |
style-src includes unsafe-inline.
|
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| Instances | 10 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
|
| Reference |
http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/ http://caniuse.com/#search=content+security+policy http://content-security-policy.com/ https://github.com/shapesecurity/salvation https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10055 |
|
Medium |
Cross-Domain Misconfiguration |
|---|---|
| Description |
Web browser data loading may be possible, due to a Cross Origin Resource Sharing (CORS) misconfiguration on the web server
|
| URL | https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot/interface.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot/node_modules/hubspot/calling-extensions-sdk/index1.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot/node_modules/hubspot/calling-extensions-sdk/src/CallingExtensions.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot/node_modules/hubspot/calling-extensions-sdk/src/Constants.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot/node_modules/hubspot/calling-extensions-sdk/src/IFrameManager.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot2/interface.js?v=155 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot2/node_modules/hubspot/calling-extensions-sdk/index.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot2/node_modules/hubspot/calling-extensions-sdk/src/CallingExtensions.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot2/node_modules/hubspot/calling-extensions-sdk/src/Constants.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://ampm.pro/hubspot2/node_modules/hubspot/calling-extensions-sdk/src/IFrameManager.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://api.zapier.com/elements/zap-templates/?fields=webintent_url%2Ctitle%2Cservices%2Cdescription&limit=25&must_match_all_services=true&service_slugs=JustCall |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://assets.calendly.com/assets/external/widget.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.datatables.net/buttons/1.3.1/js/buttons.html5.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.datatables.net/buttons/1.3.1/js/dataTables.buttons.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.datatables.net/fixedcolumns/3.3.0/js/dataTables.fixedColumns.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.datatables.net/v/dt/dt-1.10.24/datatables.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/gh/bpampuch/pdfmake@0.1.27/build/pdfmake.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/gh/bpampuch/pdfmake@0.1.27/build/vfs_fonts.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/html5shiv/3.7.2/html5shiv.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/jquery.query-builder/2.3.3/js/query-builder.standalone.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/jquery.webui-popover/1.2.1/jquery.webui-popover.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/libs/respond.js/1.3.0/respond.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/momentjs/latest/moment.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/emoji-picker-element@%5E1/database.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/emoji-picker-element@%5E1/index.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/emoji-picker-element@%5E1/picker.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/fakeloader@1.0.0/fakeLoader.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.3/build/js/intlTelInput.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/select2@4.0.13/dist/js/i18n/%3C?php%20echo%20$def_lang;%20?%3E.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/summernote@0.8.18/dist/summernote.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/npm/underscore@1.12.0/underscore-min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/respond/1.4.2/respond.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.jsdelivr.net/sweetalert2/5.2.1/sweetalert2.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.justcall.io/app/assets/lib/emoji_lib_live/database.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.justcall.io/app/assets/lib/emoji_lib_live/index.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.justcall.io/app/assets/lib/emoji_lib_live/picker.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.rawgit.com/bpampuch/pdfmake/0.1.27/build/pdfmake.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.rawgit.com/bpampuch/pdfmake/0.1.27/build/vfs_fonts.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-048fd831.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-18b8492c.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-28b646a5.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-2f37d8b8.entry.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-3f7fd3c5.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-5c302f3a.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-7a441d48.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-7ad4f23b.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-7bc2c9b3.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-7bcb5b4c.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-9bca7ec1.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-a6117d37.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-cbdffc56.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/p-f60aeb61.entry.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/zapier-elements.css |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdn.zapier.com/packages/partner-sdk/v0/zapier-elements/zapier-elements.esm.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/air-datepicker/2.2.3/js/datepicker.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/air-datepicker/2.2.3/js/i18n/datepicker.es.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.20/angular.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.10.0/js/bootstrap-select.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/bootstrap-select.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/bootstrap-toggle/2.2.2/js/bootstrap-toggle.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.bundle.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.13/clipboard.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/md5.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/tripledes.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.resize.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.resize.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.stack.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.2/html2canvas.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/15.0.0/js/intlTelInput.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/utils.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.3.0/js/iziToast.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/jquery-confirm.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery-scrollintoview/1.8/jquery.scrollintoview.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery-sortable/0.9.13/jquery-sortable-min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery-sortable/0.9.13/jquery-sortable.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.13.1/jquery.validate.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.2.3/jquery.payment.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/json2html/1.4.0/json2html.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jspdf/0.9.0rc1/jspdf.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.3.2/jspdf.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.5.3/jspdf.debug.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.5.3/jspdf.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jspdf/2.4.0/jspdf.umd.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.7/jstz.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/list.js/1.3.0/list.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/livequery/1.1.1/jquery.livequery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.14/moment-timezone-with-data.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/numeral.js/2.0.4/numeral.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/generic.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/html.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/javascript.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/rainbow.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/raphael/2.1.0/raphael-min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/rateYo/2.1.1/jquery.rateyo.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/rateYo/2.3.2/jquery.rateyo.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/summernote/0.8.11/summernote.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/tilt.js/1.2.1/tilt.jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/tributejs/5.1.3/tribute.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/trix/1.2.1/trix.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.2.0/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://cdnjs.cloudflare.com/ajax/libs/typeahead.js/0.11.1/typeahead.bundle.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-1.11.3.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-2.2.4.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-3.2.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-3.4.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-3.4.1.slim.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-3.5.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-migrate-3.3.1.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/jquery-migrate-3.3.2.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/mobile/1.5.0-alpha.1/jquery.mobile-1.5.0-alpha.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://code.jquery.com/ui/1.12.1/jquery-ui.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1644604685495&_since=%221643222277759%22 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1643818378440&_since=%221623195938349%22 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/anti-tracking-url-decoration?_expected=1564511755134 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/doh-config/changeset?_expected=1633594181493&_since=%221621943462970%22 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/doh-providers/changeset?_expected=1634631885669&_since=%221621943542621%22 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1622732735407 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries?_expected=1569410800356 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1644710485345 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1643114788955 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes?_expected=1642005109349 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-rules?_expected=1624479577563 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/pioneer-study-addons-v1/changeset?_expected=1607042143590 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/public-suffix-list/changeset?_expected=1575468539758 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1621244389666 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config?_expected=1639155658146 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-default-override-allowlist?_expected=1595254618540 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-telemetry-v2?_expected=1643136934001 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/sites-classification?_expected=1544035467383 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/top-sites?_expected=1625844592286 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/url-classifier-skip-urls/changeset?_expected=1606870304609 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/main/collections/websites-with-shared-credential-backends?_expected=1624479523629 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=0 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=partitioning-exempt-urls&bucket=main&_expected=0 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?collection=query-stripping&bucket=main&_expected=0 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/cert-revocations/changeset?_expected=1644829052172 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/intermediates/changeset?_expected=1644591449953&_since=%221643540242595%22 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://firefox.settings.services.mozilla.com/v1/buckets/security-state/collections/onecrl?_expected=1636587776892 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700&display=swap |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://fonts.googleapis.com/css?family=Open+Sans |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://getbootstrap.com/docs/3.3/assets/js/ie-emulation-modes-warning.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://getbootstrap.com/docs/3.3/assets/js/ie10-viewport-bug-workaround.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://getbootstrap.com/docs/3.3/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://gyrocode.github.io/jquery-datatables-checkboxes/1.2.12/js/dataTables.checkboxes.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://html2canvas.hertzen.com/dist/html2canvas.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://js.hscollectedforms.net/collectedforms.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://js.hsforms.net/forms/v2-legacy.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://js.hsforms.net/forms/v2.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://js.hsleadflows.net/leadflows.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://js.pusher.com/6.0/pusher.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://js.pusher.com/7.0/pusher.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://js.stripe.com/v2/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://kit.fontawesome.com/ced4108baf.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://momentjs.com/downloads/moment-timezone.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://momentjs.com/downloads/moment-timezone.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://requirejs.org/docs/release/2.3.5/minified/require.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://static.filestackapi.com/filestack-js/1.x.x/filestack.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://static.filestackapi.com/filestack-js/3.x.x/filestack.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.wmU9Fdz5Vkk.O/am=Aw/d=1/exm=el_conf/ed=1/rs=AN8SPfo51yYcwbprJ_MMV-C1N2qc293grA/m=el_main |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://translate.googleapis.com/translate_static/css/translateelement.css |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://unpkg.com/gauge-chart@0.5.3/dist/bundle.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/gauge-chart@latest/dist/bundle.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/ionicons@5.1.2/dist/ionicons.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/ionicons@5.1.2/dist/ionicons/ionicons.esm.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-4372c4bc.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/ionicons@5.1.2/dist/ionicons/p-6f4eae92.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/popper.js@1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/popper.js@1.16.1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/popper.js@1.16.1/dist/umd/popper.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/react-dom@17.0.2/umd/react-dom.development.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/react-dom@17/umd/react-dom.development.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/react@17.0.2/umd/react.development.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/react@17/umd/react.development.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/tippy.js@2.0.9/dist/tippy.all.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/tippy.js@3.4.1/dist/tippy.all.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/tippy.js@3/dist/tippy.all.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/tippy.js@5 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/tippy.js@5.2.1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/tippy.js@5.2.1/dist/tippy-bundle.iife.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/wavesurfer.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/wavesurfer.js/dist/plugin/wavesurfer.cursor.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/wavesurfer.js@6.0.1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/wavesurfer.js@6.0.1/dist/plugin/wavesurfer.cursor.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://unpkg.com/wavesurfer.js@6.0.1/dist/wavesurfer.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | access-control-allow-origin: * |
| URL | https://use.typekit.net/awv1ixw.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://vsvg4v1vptbk.statuspage.io/api/v2/status.json |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://vsvg4v1vptbk.statuspage.io/embed/frame |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://vsvg4v1vptbk.statuspage.io/embed/frame.json |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://vsvg4v1vptbk.statuspage.io/embed/script.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.googletagmanager.com/gtag/js?id=AW-857695325 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.googletagmanager.com/gtag/js?id=UA-90034160-1 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.gstatic.com/firebasejs/6.1.0/firebase-app.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.gstatic.com/firebasejs/6.2.4/firebase-app.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.gstatic.com/firebasejs/6.2.4/firebase-auth.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.gstatic.com/firebasejs/6.2.4/firebase-database.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__en.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://zapier.com/partner/embed/appdirectory-beta/p-7bc2c9b3.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://zapier.com/partner/embed/appdirectory-beta/zapier-elements.esm.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| URL | https://zapier.com/partner/legacy-widget-upgrade.js?services=JustCall&container=true&limit=5%2C |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | Access-Control-Allow-Origin: * |
| Instances | 251 |
| Solution |
Ensure that sensitive data is not available in an unauthenticated manner (using IP address white-listing, for instance).
Configure the "Access-Control-Allow-Origin" HTTP header to a more restrictive set of domains, or remove all CORS headers entirely, to allow the web browser to enforce the Same Origin Policy (SOP) in a more restrictive manner.
|
| Reference | https://vulncat.fortify.com/en/detail?id=desc.config.dotnet.html5_overly_permissive_cors_policy |
| CWE Id | 264 |
| WASC Id | 14 |
| Plugin Id | 10098 |
|
Medium |
Missing Anti-clickjacking Header |
|---|---|
| Description |
The response does not include either Content-Security-Policy with 'frame-ancestors' directive or X-Frame-Options to protect against 'ClickJacking' attacks.
|
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | X-Frame-Options |
| Attack | |
| Evidence | |
| URL | https://b.frstre.com/?v1.4 |
| Method | GET |
| Parameter | X-Frame-Options |
| Attack | |
| Evidence | |
| URL | https://vsvg4v1vptbk.statuspage.io/embed/frame |
| Method | GET |
| Parameter | X-Frame-Options |
| Attack | |
| Evidence | |
| Instances | 3 |
| Solution |
Modern Web browsers support the Content-Security-Policy and X-Frame-Options HTTP headers. Ensure one of them is set on all web pages returned by your site/app.
If you expect the page to be framed only by pages on your server (e.g. it's part of a FRAMESET) then you'll want to use SAMEORIGIN, otherwise if you never expect the page to be framed, you should use DENY. Alternatively consider implementing Content Security Policy's "frame-ancestors" directive.
|
| Reference | https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options |
| CWE Id | 1021 |
| WASC Id | 15 |
| Plugin Id | 10020 |
|
Medium |
Vulnerable JS Library |
|---|---|
| Description |
The identified library jquery, version 3.3.1 is vulnerable.
|
| URL | https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /1.12.4/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /1.4.2/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /1.9.1/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /2.1.3/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /2.1.4/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.2.1/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.4.1/jquery.min.js |
| URL | https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery UI - v1.11.2 |
| URL | https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery UI - v1.12.1 |
| URL | https://cdn.justcall.io/app/assets/autodialer/js/dialer_jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.3.7 |
| URL | https://cdn.justcall.io/app/assets/js/jquery-1.11.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.11.1.min.js |
| URL | https://cdn.justcall.io/app/assets/js/jquery-3.4.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.4.1.min.js |
| URL | https://cdn.justcall.io/app_old/assets/js/jquery-1.11.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.11.1.min.js |
| URL | https://cdn.justcall.io/main/assets/js/jquery-3.3.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.3.1.min.js |
| URL | https://cdn.justcall.io/partnerlandling/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.3.7 |
| URL | https://cdn.justcall.io/partnerlandling/assets/js/jquery-3.1.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.1.1.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.20/angular.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /1.2.20/angular.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /1.11.1/jquery.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /2.1.4/jquery.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.2.1/jquery.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.4.1/jquery.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /2.3.2/js/bootstrap.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.2.0/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.2.0/js/bootstrap.min.js |
| URL | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.3.5/js/bootstrap.min.js |
| URL | https://code.jquery.com/jquery-1.11.3.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.11.3.min.js |
| URL | https://code.jquery.com/jquery-2.2.4.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-2.2.4.min.js |
| URL | https://code.jquery.com/jquery-3.2.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.2.1.min.js |
| URL | https://code.jquery.com/jquery-3.4.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.4.1.min.js |
| URL | https://code.jquery.com/jquery-3.4.1.slim.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.4.1.slim.min.js |
| URL | https://code.jquery.com/mobile/1.5.0-alpha.1/jquery.mobile-1.5.0-alpha.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery.mobile-1.5.0-alpha.1.min.js |
| URL | https://code.jquery.com/ui/1.12.1/jquery-ui.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery UI - v1.12.1 |
| URL | https://d1mfg1uuzfdx15.cloudfront.net/assets/js/moltran.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * jQuery JavaScript Library v1.11.1 |
| URL | https://getbootstrap.com/docs/3.3/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.3.7 |
| URL | https://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A465920160907 |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.7.2.min.js |
| URL | https://justcall.io/app/assets/js/jquery-1.11.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.11.1.min.js |
| URL | https://justcall.io/app/assets/js/jquery-ui/external/jquery/jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * jQuery JavaScript Library v1.10.2 |
| URL | https://justcall.io/app/assets/js/jquery-ui/jquery-ui.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery UI - v1.11.1 |
| URL | https://justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.3.7 |
| URL | https://justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery UI - v1.11.4 |
| URL | https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-1.8.2.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.8.2.js |
| URL | https://justcall.io/app/assets/lib/jquery/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.12.4 |
| URL | https://justcall.io/app/datetimepicker-master/jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.10.2 |
| URL | https://justcall.io/app/macapp/dialer/dialer_lib.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.11.2 |
| URL | https://justcall.io/app/macapp/jquery-ui-1.12.1.custom/external/jquery/jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * jQuery JavaScript Library v1.12.4 |
| URL | https://justcall.io/app/macapp/jquery-ui-1.12.1.custom/jquery-ui.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery UI - v1.12.1 |
| URL | https://justcall.io/app_old/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.2.0 |
| URL | https://justcall.io/app_old/assets/js/jquery-1.11.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-1.11.1.min.js |
| URL | https://justcall.io/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v4.1.2 |
| URL | https://justcall.io/assets/js/jquery-3.3.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.3.1.min.js |
| URL | https://justcall.io/developer-docs/js/jquery.1.6.4.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.6.4 |
| URL | https://justcall.io/developer-docs_8_jun/js/jquery.1.6.4.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.6.4 |
| URL | https://justcall.io/integrations/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.3.6 |
| URL | https://justcall.io/integrations/assets/js/jquery-2.1.1.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-2.1.1.js |
| URL | https://justcall.io/newsite/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v4.1.2 |
| URL | https://justcall.io/nextapp/Documentation/assets/js/jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.7.1 |
| URL | https://justcall.io/nextapp/HTML/website/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v4.1.2 |
| URL | https://justcall.io/nextapp/HTML/website/js/jquery-3.3.1.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | jquery-3.3.1.min.js |
| URL | https://justcall.io/plivo-web-sdk-example/conference/assets/jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * jQuery JavaScript Library v1.4.4 |
| URL | https://justcall.io/plivo-web-sdk-example/phone/assets/jquery.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * jQuery JavaScript Library v1.4.4 |
| URL | https://justcall.io/theme/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | * Bootstrap v3.3.7 |
| URL | https://justcall.io/theme/assets/lib/jquery/jquery.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /*! jQuery v1.12.4 |
| URL | https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.3.6/js/bootstrap.min.js |
| URL | https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | /3.4.0/js/bootstrap.min.js |
| Instances | 63 |
| Solution |
Please upgrade to the latest version of jquery.
|
| Reference |
https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
https://nvd.nist.gov/vuln/detail/CVE-2019-11358 https://github.com/jquery/jquery/commit/753d591aea698e57d6db58c9f722cd0808619b1b https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ |
| CWE Id | 829 |
| WASC Id | |
| Plugin Id | 10003 |
|
Low |
Absence of Anti-CSRF Tokens |
|---|---|
| Description |
No Anti-CSRF tokens were found in a HTML submission form.
A cross-site request forgery is an attack that involves forcing a victim to send an HTTP request to a target destination without their knowledge or intent in order to perform an action as the victim. The underlying cause is application functionality using predictable URL/form actions in a repeatable way. The nature of the attack is that CSRF exploits the trust that a web site has for a user. By contrast, cross-site scripting (XSS) exploits the trust that a user has for a web site. Like XSS, CSRF attacks are not necessarily cross-site, but they can be. Cross-site request forgery is also known as CSRF, XSRF, one-click attack, session riding, confused deputy, and sea surf.
CSRF attacks are effective in a number of situations, including:
* The victim has an active session on the target site.
* The victim is authenticated via HTTP auth on the target site.
* The victim is on the same local network as the target site.
CSRF has primarily been used to perform an action against a target site using the victim's privileges, but recent techniques have been discovered to disclose information by gaining access to the response. The risk of information disclosure is dramatically increased when the target site is vulnerable to XSS, because XSS can be used as a platform for CSRF, allowing the attack to operate within the bounds of the same-origin policy.
|
| URL | https://piktoria.com/assets/admin1/js/bootstrap-timepicker.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form role="search" method="get" id="searchform" class="search-form" action="https://piktoria.com/"> |
| URL | https://piktoria.com/assets/admin1/js/bootstrap-timepicker.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form role="search" method="get" id="searchform" class="search-form" action="https://piktoria.com/"> |
| URL | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/collapse.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form role="search" method="get" id="searchform" class="search-form" action="https://piktoria.com/"> |
| URL | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/collapse.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form role="search" method="get" id="searchform" class="search-form" action="https://piktoria.com/"> |
| URL | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/transition.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form role="search" method="get" id="searchform" class="search-form" action="https://piktoria.com/"> |
| URL | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/transition.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form role="search" method="get" id="searchform" class="search-form" action="https://piktoria.com/"> |
| URL | https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.wmU9Fdz5Vkk.O/am=Aw/d=1/exm=el_conf/ed=1/rs=AN8SPfo51yYcwbprJ_MMV-C1N2qc293grA/m=el_main |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | <form class="activity-form" action="'+_.P(_.wl(a.mi))+'" method="'+_.P(b)+'"> |
| Instances | 7 |
| Solution |
Phase: Architecture and Design
Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
For example, use anti-CSRF packages such as the OWASP CSRFGuard.
Phase: Implementation
Ensure that your application is free of cross-site scripting issues, because most CSRF defenses can be bypassed using attacker-controlled script.
Phase: Architecture and Design
Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330).
Note that this can be bypassed using XSS.
Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.
Note that this can be bypassed using XSS.
Use the ESAPI Session Management control.
This control includes a component for CSRF.
Do not use the GET method for any request that triggers a state change.
Phase: Implementation
Check the HTTP Referer header to see if the request originated from an expected page. This could break legitimate functionality, because users or proxies may have disabled sending the Referer for privacy reasons.
|
| Reference |
http://projects.webappsec.org/Cross-Site-Request-Forgery
http://cwe.mitre.org/data/definitions/352.html |
| CWE Id | 352 |
| WASC Id | 9 |
| Plugin Id | 10202 |
|
Low |
CSP: Notices |
|---|---|
| Description |
Warnings:
Duplicate host *.google-analytics.com
Duplicate host *.statuspage.io
Duplicate host *.google-analytics.com
Duplicate host *.statuspage.io
|
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | frame-ancestors deny ; child-src 'self' api.zapier.com zapier.com *.frstre.com *.facebook.com *.stripe.com *.filestackapi.com *.filepicker.io wss://* *.firebaseio.com *.intercom.io *.statuspage.io ; default-src *.firstpromoter.com *.adsymptotic.com *.iconfinder.com http://justcall.io *.synchroteam.com *.linkedin.com *.g2crowd.com *.bootstrapcdn.com *.pendo.io *.wired.com *.imgix.net *.helpwise.io *.slack-edge.com *.freeiconspng.com 'self' 'unsafe-inline' data: blob: wss://* *.jsdelivr.net *.justcall.io *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; script-src *.smartlook.com *.hertzen.com *.licdn.com *.tapfiliate.com *.firstpromoter.com *.googleadservices.com 'unsafe-eval' *.pendo.io wss://* *.jsdelivr.net 'self' *.pusher.com *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.firebaseio.com *.googletagmanager.com *.facebook.net *.statuspage.io *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.google-analytics.com *.hscollectedforms.net *.hs-analytics.net *.hs-banner.com *.g2crowrd.com *.datatables.net *.rawgit.com unpkg.com *.stripe.com *.stripe.network *.gravatar.com *.ionicframework.com *.facebook.com *.filestackcontent.com *.fontawesome.com callroot.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.callroot.com *.statuspage.io *.intercom.io *.doubleclick.net *.wp.com *.amazonaws.com *.justcall.io *.freshconnect.io *.frontapp.com *.gstatic.com *.filepicker.io ; style-src *.bootstrapcdn.com *.easycalendar.com *.jsdelivr.net 'self' *.twiliocdn.com cs2.salesforce.com *.filestackapi.com api.filepicker.io ampm.pro *.googleapis.com sdk.twilio.com *.twilio.com 'unsafe-inline' *.cloudflare.com *.hs-scripts.com *.myfonts.net easycalendar.com *.google-analytics.com *.lic-dn.com *.datatables.net *.rawgit.com unpkg.com *.gravatar.com *.ionicframework.com *.facebook.com *.fontawesome.com *.google.co.in *.intercomcdn.com *.intercomassets.com *.google.com *.cloudfront.net *.intercom.io *.wp.com *.amazonaws.com *.justcall.io *.gstatic.com ; img-src https://* data: blob: |
| Instances | 10 |
| Solution |
Ensure that your web server, application server, load balancer, etc. is properly configured to set the Content-Security-Policy header.
|
| Reference |
http://www.w3.org/TR/CSP2/
http://www.w3.org/TR/CSP/ http://caniuse.com/#search=content+security+policy http://content-security-policy.com/ https://github.com/shapesecurity/salvation https://developers.google.com/web/fundamentals/security/csp#policy_applies_to_a_wide_variety_of_resources |
| CWE Id | 693 |
| WASC Id | 15 |
| Plugin Id | 10055 |
|
Low |
Cookie No HttpOnly Flag |
|---|---|
| Description |
A cookie has been set without the HttpOnly flag, which means that the cookie can be accessed by JavaScript. If a malicious script can be run on this page then the cookie will be accessible and can be transmitted to another site. If this is a session cookie then session hijacking may be possible.
|
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | BrowserId |
| Attack | |
| Evidence | Set-Cookie: BrowserId |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | BrowserId_sec |
| Attack | |
| Evidence | Set-Cookie: BrowserId_sec |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | CookieConsentPolicy |
| Attack | |
| Evidence | Set-Cookie: CookieConsentPolicy |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | LSKey-c$CookieConsentPolicy |
| Attack | |
| Evidence | Set-Cookie: LSKey-c$CookieConsentPolicy |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | sfdc-stream |
| Attack | |
| Evidence | Set-Cookie: sfdc-stream |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | PHPSESSID |
| Attack | |
| Evidence | Set-Cookie: PHPSESSID |
| URL | https://zapier.com/partner/embed/appdirectory-beta/p-7bc2c9b3.js |
| Method | GET |
| Parameter | __tnp |
| Attack | |
| Evidence | Set-Cookie: __tnp |
| URL | https://zapier.com/partner/embed/appdirectory-beta/zapier-elements.esm.js |
| Method | GET |
| Parameter | __tnp |
| Attack | |
| Evidence | Set-Cookie: __tnp |
| URL | https://zapier.com/partner/legacy-widget-upgrade.js?services=JustCall&container=true&limit=5%2C |
| Method | GET |
| Parameter | __tnp |
| Attack | |
| Evidence | Set-Cookie: __tnp |
| URL | https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5, |
| Method | GET |
| Parameter | __tnp |
| Attack | |
| Evidence | Set-Cookie: __tnp |
| URL | https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5, |
| Method | GET |
| Parameter | mng517 |
| Attack | |
| Evidence | Set-Cookie: mng517 |
| URL | https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5, |
| Method | GET |
| Parameter | zapforeversession |
| Attack | |
| Evidence | Set-Cookie: zapforeversession |
| URL | https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5, |
| Method | GET |
| Parameter | zapidentity |
| Attack | |
| Evidence | Set-Cookie: zapidentity |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | OPTIONS |
| Parameter | zapforeversession |
| Attack | |
| Evidence | Set-Cookie: zapforeversession |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | OPTIONS |
| Parameter | zapidentity |
| Attack | |
| Evidence | Set-Cookie: zapidentity |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | POST |
| Parameter | mng517 |
| Attack | |
| Evidence | Set-Cookie: mng517 |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | POST |
| Parameter | zapforeversession |
| Attack | |
| Evidence | Set-Cookie: zapforeversession |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | POST |
| Parameter | zapidentity |
| Attack | |
| Evidence | Set-Cookie: zapidentity |
| Instances | 18 |
| Solution |
Ensure that the HttpOnly flag is set for all cookies.
|
| Reference | https://owasp.org/www-community/HttpOnly |
| CWE Id | 1004 |
| WASC Id | 13 |
| Plugin Id | 10010 |
|
Low |
Cookie Without Secure Flag |
|---|---|
| Description |
A cookie has been set without the secure flag, which means that the cookie can be accessed via unencrypted connections.
|
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | BrowserId |
| Attack | |
| Evidence | Set-Cookie: BrowserId |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | CookieConsentPolicy |
| Attack | |
| Evidence | Set-Cookie: CookieConsentPolicy |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | LSKey-c$CookieConsentPolicy |
| Attack | |
| Evidence | Set-Cookie: LSKey-c$CookieConsentPolicy |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | PHPSESSID |
| Attack | |
| Evidence | Set-Cookie: PHPSESSID |
| Instances | 4 |
| Solution |
Whenever a cookie contains sensitive information or is a session token, then it should always be passed using an encrypted channel. Ensure that the secure flag is set for cookies containing such sensitive information.
|
| Reference | https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-Testing_for_Cookies_Attributes.html |
| CWE Id | 614 |
| WASC Id | 13 |
| Plugin Id | 10011 |
|
Low |
Cookie with SameSite Attribute None |
|---|---|
| Description |
A cookie has been set with its SameSite attribute set to "none", which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.
|
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8972517&utk= |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=8972517¤tUrl=https%3A%2F%2F127.0.0.1%3A5500%2Finsert_DB%2Fwrite_file%2F5.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://zapier.com/partner/embed/appdirectory-beta/p-7bc2c9b3.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://zapier.com/partner/embed/appdirectory-beta/zapier-elements.esm.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://zapier.com/partner/legacy-widget-upgrade.js?services=JustCall&container=true&limit=5%2C |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5, |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | OPTIONS |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://zapier.com/api/v4/tracking/event/ |
| Method | POST |
| Parameter | |
| Attack | |
| Evidence | |
| Instances | 9 |
| Solution |
Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
|
| Reference | https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site |
| CWE Id | 1275 |
| WASC Id | 13 |
| Plugin Id | 10054 |
|
Low |
Cookie without SameSite Attribute |
|---|---|
| Description |
A cookie has been set without the SameSite attribute, which means that the cookie can be sent as a result of a 'cross-site' request. The SameSite attribute is an effective counter measure to cross-site request forgery, cross-site script inclusion, and timing attacks.
|
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | BrowserId |
| Attack | |
| Evidence | Set-Cookie: BrowserId |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | CookieConsentPolicy |
| Attack | |
| Evidence | Set-Cookie: CookieConsentPolicy |
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | LSKey-c$CookieConsentPolicy |
| Attack | |
| Evidence | Set-Cookie: LSKey-c$CookieConsentPolicy |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | PHPSESSID |
| Attack | |
| Evidence | Set-Cookie: PHPSESSID |
| Instances | 4 |
| Solution |
Ensure that the SameSite attribute is set to either 'lax' or ideally 'strict' for all cookies.
|
| Reference | https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site |
| CWE Id | 1275 |
| WASC Id | 13 |
| Plugin Id | 10054 |
|
Low |
Cross-Domain JavaScript Source File Inclusion |
|---|---|
| Description |
The page includes one or more script files from a third-party domain.
|
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/dataTables.buttons.min.js |
| Attack | |
| Evidence | <script src=" https://cdn.justcall.io/app/assets/js/dataTables.buttons.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js |
| Attack | |
| Evidence | <script src="//ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js |
| Attack | |
| Evidence | <script src="//ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="//ajax.googleapis.com/ajax/libs/jqueryui/1.11.2/jquery-ui.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js |
| Attack | |
| Evidence | <script async src="//builder-assets.unbounce.com/published-js/main.bundle-06fd494.z.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js |
| Attack | |
| Evidence | <script async src="//builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //builder-assets.unbounce.com/published-js/main.bundle-93e6644.z.js |
| Attack | |
| Evidence | <script async src="//builder-assets.unbounce.com/published-js/main.bundle-93e6644.z.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //builder-assets.unbounce.com/published-js/main.bundle-f38250f.z.js |
| Attack | |
| Evidence | <script async src="//builder-assets.unbounce.com/published-js/main.bundle-f38250f.z.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.datatables.net/buttons/1.3.1/js/buttons.html5.min.js |
| Attack | |
| Evidence | <script src="//cdn.datatables.net/buttons/1.3.1/js/buttons.html5.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/baguetteBox.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/baguetteBox.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/custom.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/jquery-3.1.1.min.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/jquery-3.1.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/jquery.countTo.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/jquery.countTo.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/jquery.easing.min.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/jquery.easing.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/mixitup.min.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/mixitup.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/plugins.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/plugins.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/js/wow.min.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/js/wow.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/partnerlandling/assets/owl-carousel/owl.carousel.js |
| Attack | |
| Evidence | <script src="//cdn.justcall.io/partnerlandling/assets/owl-carousel/owl.carousel.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.justcall.io/small-business-assets/builder.js |
| Attack | |
| Evidence | <script async src="//cdn.justcall.io/small-business-assets/builder.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.rawgit.com/bpampuch/pdfmake/0.1.27/build/pdfmake.min.js |
| Attack | |
| Evidence | <script src="//cdn.rawgit.com/bpampuch/pdfmake/0.1.27/build/pdfmake.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdn.rawgit.com/bpampuch/pdfmake/0.1.27/build/vfs_fonts.js |
| Attack | |
| Evidence | <script src="//cdn.rawgit.com/bpampuch/pdfmake/0.1.27/build/vfs_fonts.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//cdnjs.cloudflare.com/ajax/libs/jqueryui-touch-punch/0.2.3/jquery.ui.touch-punch.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/list.js/1.3.0/list.min.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/list.js/1.3.0/list.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.min.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/numeral.js/2.0.4/numeral.min.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/numeral.js/2.0.4/numeral.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/raphael/2.1.0/raphael-min.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/raphael/2.1.0/raphael-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.js |
| Attack | |
| Evidence | <script src="//cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //gyrocode.github.io/jquery-datatables-checkboxes/1.2.12/js/dataTables.checkboxes.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//gyrocode.github.io/jquery-datatables-checkboxes/1.2.12/js/dataTables.checkboxes.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //js.hs-scripts.com/5576442.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async defer src="//js.hs-scripts.com/5576442.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async defer src="//js.hs-scripts.com/8972517.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //js.hsforms.net/forms/v2-legacy.js |
| Attack | |
| Evidence | <script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/v2-legacy.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //js.hsforms.net/forms/v2.js |
| Attack | |
| Evidence | <script charset="utf-8" type="text/javascript" src="//js.hsforms.net/forms/v2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.3/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.3/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.4/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.4/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.9/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.9/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //static.filestackapi.com/filestack-js/1.x.x/filestack.min.js |
| Attack | |
| Evidence | <script src="//static.filestackapi.com/filestack-js/1.x.x/filestack.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //static.tapfiliate.com/tapfiliate.js |
| Attack | |
| Evidence | <script src="//static.tapfiliate.com/tapfiliate.js" type="text/javascript" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //static.twilio.com/libs/twiliojs/1.2/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//static.twilio.com/libs/twiliojs/1.2/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //use.typekit.net/awv1ixw.js |
| Attack | |
| Evidence | <script src="//use.typekit.net/awv1ixw.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | //www.googleadservices.com/pagead/conversion.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//www.googleadservices.com/pagead/conversion.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js |
| Attack | |
| Evidence | <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://html5shim.googlecode.com/svn/trunk/html5.js |
| Attack | |
| Evidence | <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://www.google.com/jsapi |
| Attack | |
| Evidence | <script type="text/javascript" src="http://www.google.com/jsapi"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://yui.yahooapis.com/2.7.0/build/animation/animation-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/animation/animation-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://yui.yahooapis.com/2.7.0/build/colorpicker/colorpicker-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/colorpicker/colorpicker-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://yui.yahooapis.com/2.7.0/build/dragdrop/dragdrop-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/dragdrop/dragdrop-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://yui.yahooapis.com/2.7.0/build/element/element-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/element/element-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://yui.yahooapis.com/2.7.0/build/slider/slider-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/slider/slider-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | http://yui.yahooapis.com/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js |
| Attack | |
| Evidence | <script type="text/javascript" src="http://yui.yahooapis.com/2.7.0/build/yahoo-dom-event/yahoo-dom-event.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ampm.pro/hubspot/interface.js |
| Attack | |
| Evidence | <script type="module" src="https://ampm.pro/hubspot/interface.js" crossorigin="anonymous"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://ampm.pro/hubspot2/interface.js?v=155 |
| Attack | |
| Evidence | <script type="module" src="https://ampm.pro/hubspot2/interface.js?v=155" crossorigin="anonymous"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://app.justcall.io/app/sms_assets/chart_2.9.4.min.js |
| Attack | |
| Evidence | <script src="https://app.justcall.io/app/sms_assets/chart_2.9.4.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://app.justcall.io/app/sms_assets/jquery-ui_1.13.min.js |
| Attack | |
| Evidence | <script src="https://app.justcall.io/app/sms_assets/jquery-ui_1.13.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://app/assets/js/main.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://app/assets/lib/jquery/jquery.min.js |
| Attack | |
| Evidence | <script src="https://app/assets/lib/jquery/jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://assets.calendly.com/assets/external/widget.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://assets.calendly.com/assets/external/widget.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://assets.zendesk.com/apps/sdk/2.0/zaf_sdk.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://assets.zendesk.com/apps/sdk/2.0/zaf_sdk.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://assets/js/ie8-responsive-file-warning.js |
| Attack | |
| Evidence | <script src="https://assets/js/ie8-responsive-file-warning.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.callroot.com/js/d3.min.js |
| Attack | |
| Evidence | <script src="https://cdn.callroot.com/js/d3.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.datatables.net/buttons/1.3.1/js/buttons.html5.min.js |
| Attack | |
| Evidence | <script src="https://cdn.datatables.net/buttons/1.3.1/js/buttons.html5.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.datatables.net/buttons/1.3.1/js/dataTables.buttons.min.js |
| Attack | |
| Evidence | <script src="https://cdn.datatables.net/buttons/1.3.1/js/dataTables.buttons.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.datatables.net/fixedcolumns/3.3.0/js/dataTables.fixedColumns.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.datatables.net/fixedcolumns/3.3.0/js/dataTables.fixedColumns.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.datatables.net/v/dt/dt-1.10.24/datatables.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.datatables.net/v/dt/dt-1.10.24/datatables.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.easycalendar.com/app/assets/js/plugins/feathericon.js |
| Attack | |
| Evidence | <script src="https://cdn.easycalendar.com/app/assets/js/plugins/feathericon.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.easycalendar.com/app/assets/js/plugins/notie.js |
| Attack | |
| Evidence | <script src="https://cdn.easycalendar.com/app/assets/js/plugins/notie.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.easycalendar.com/app/assets/js/utils.js |
| Attack | |
| Evidence | <script src="https://cdn.easycalendar.com/app/assets/js/utils.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.easycalendar.com/app/libs/feather-icons/dist/feather.min.js |
| Attack | |
| Evidence | <script src="https://cdn.easycalendar.com/app/libs/feather-icons/dist/feather.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.easycalendar.com/app/libs/notie/dist/notie.min.js |
| Attack | |
| Evidence | <script src="https://cdn.easycalendar.com/app/libs/notie/dist/notie.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/clipboard.js/1.5.12/clipboard.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/jquery.query-builder/2.3.3/js/query-builder.standalone.min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/jquery.query-builder/2.3.3/js/query-builder.standalone.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/jquery.webui-popover/1.2.1/jquery.webui-popover.min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/jquery.webui-popover/1.2.1/jquery.webui-popover.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/momentjs/latest/moment.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.jsdelivr.net/momentjs/latest/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/npm/bs-custom-file-input/dist/bs-custom-file-input.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/npm/chart.js@2.9.3/dist/Chart.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.jsdelivr.net/npm/daterangepicker/daterangepicker.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/fakeloader@1.0.0/fakeLoader.min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/npm/fakeloader@1.0.0/fakeLoader.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.3/build/js/intlTelInput.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/npm/intl-tel-input@17.0.3/build/js/intlTelInput.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/summernote@0.8.18/dist/summernote.min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/npm/summernote@0.8.18/dist/summernote.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/npm/underscore@1.12.0/underscore-min.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/npm/underscore@1.12.0/underscore-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.jsdelivr.net/sweetalert2/5.2.1/sweetalert2.js |
| Attack | |
| Evidence | <script src="https://cdn.jsdelivr.net/sweetalert2/5.2.1/sweetalert2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/air-datepicker/js/datepicker.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/air-datepicker/js/datepicker.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/air-datepicker/js/i18n/datepicker.en.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/air-datepicker/js/i18n/datepicker.en.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/autodialer/js/dialer_jquery.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/autodialer/js/dialer_jquery.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/autodialer/js/jquery-ui.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/autodialer/js/jquery-ui.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/clicktocall/air-datepicker/js/datepicker.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/clicktocall/air-datepicker/js/datepicker.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/clicktocall/air-datepicker/js/i18n/datepicker.en.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/clicktocall/air-datepicker/js/i18n/datepicker.en.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/clicktocall/js/jstz.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/clicktocall/js/jstz.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/clicktocall/js/multiple-select.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/clicktocall/js/multiple-select.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/clicktocall/js/toastr.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/clicktocall/js/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/cookie/jquery.cookie.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/cookie/jquery.cookie.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/crypto/aes.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/crypto/aes.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/crypto/md5.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/crypto/md5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/crypto/tripledes.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/crypto/tripledes.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/flot/jquery.flot.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/flot/jquery.flot.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/flot/jquery.flot.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/flot/jquery.flot.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/flot/jquery.flot.resize.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/flot/jquery.flot.resize.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/flot/jquery.flot.resize.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/flot/jquery.flot.resize.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/flot/jquery.flot.stack.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/flot/jquery.flot.stack.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/360player.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/360player.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/app-dashboard.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/app-dashboard.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/app-form-elements.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/app-form-elements.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/app-form-elements.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/app-form-elements.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/app-form-wizard.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/app-form-wizard.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/app-mail-inbox.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/app-mail-inbox.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/app-ui-notifications.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/app-ui-notifications.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/beepringtone.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/beepringtone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/berniecode-animator.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/berniecode-animator.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/bootstrap3.3.7.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/bootstrap3.3.7.min.js" ></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js" ></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/buttons.html5.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/buttons.html5.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/callinsight-improve.js?v=3 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/callinsight-improve.js?v=3"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/Chart.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/Chart.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/clipboard.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/clipboard.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/dataTables.buttons.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/dataTables.buttons.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/daterangepicker.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/daterangepicker.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/daterangepicker2.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/daterangepicker2.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/dialer_jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/dialer_jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/dtmftone.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/dtmftone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/emojionearea.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/emojionearea.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/fakeLoader.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/fakeLoader.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/favico-0.3.10.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/favico-0.3.10.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/favico.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/favico.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/filestack.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/filestack.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/filestack.min_3.x.x.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/filestack.min_3.x.x.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/formwizard/jquery.bootstrap.wizard.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/formwizard/jquery.bootstrap.wizard.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/gridstack-h5.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/gridstack-h5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/hark.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/hark.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/html2canvas.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/html2canvas.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/html2pdf.bundle.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/html2pdf.bundle.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/izitoast.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/izitoast.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/iziToast.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/iziToast.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-1.11.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-1.11.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.4.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.4.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js" ></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-migrate-1.4.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-migrate-1.4.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-ui/jquery-ui.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-validate/jquery.validate.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-validate/jquery.validate.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery.stopwatch.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery.stopwatch.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery.visible.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery.visible.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jscolor.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jscolor.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/json2html.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/json2html.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jspdf.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jspdf.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jszip.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jszip.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/main.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/md5.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/md5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/moment-timezone-with-data.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/moment-timezone-with-data.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/moment-timezone-with-data.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/moment-timezone-with-data.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/moment.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/moment.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/moment.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/moment_2_29_1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/moment_2_29_1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/moment_2_29_1.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/moment_2_29_1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/multiple-select.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/multiple-select.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/nouislider.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/nouislider.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/OneSignalSDK.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/OneSignalSDK.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/online1.js?v=123 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/online1.js?v=123"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/online1v2.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/online1v2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/payment/jquery.card.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/payment/jquery.card.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/pdfmake.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/pdfmake.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/popper.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/popper.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/sms_counter.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/sms_counter.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/smscount.min.js |
| Attack | |
| Evidence | <script src = "https://cdn.justcall.io/app/assets/js/smscount.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/soundmanager2.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/soundmanager2.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/bootstrap-datetimepicker.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/timepicker/bootstrap-datetimepicker.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/bootstrap-datetimepicker.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/timepicker/bootstrap-datetimepicker.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/bootstrap-timepicker.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/timepicker/bootstrap-timepicker.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/collapse.js |
| Attack | |
| Evidence | <script type="text/javascript" src= "https://cdn.justcall.io/app/assets/js/timepicker/collapse.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/collapse.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/timepicker/collapse.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/transition.js |
| Attack | |
| Evidence | <script type="text/javascript" src = "https://cdn.justcall.io/app/assets/js/timepicker/transition.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/timepicker/transition.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/js/timepicker/transition.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/tippy.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/tippy.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/toastr/toastr.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/toastr/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/tocify/jquery.tocify.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/tocify/jquery.tocify.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/vfs_fonts.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/vfs_fonts.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/wNumb.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/wNumb.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap-slider/js/bootstrap-slider.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap-slider/js/bootstrap-slider.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/chartjs/Chart.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/chartjs/Chart.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/countup/countUp.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/countup/countUp.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/js/dataTables.bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/js/dataTables.bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/js/jquery.dataTables.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/js/jquery.dataTables.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/js/jquery.dataTables.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/js/jquery.dataTables.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.bootstrap.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.bootstrap.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.colVis.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.colVis.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.flash.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.flash.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.html5.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.html5.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.print.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.print.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/dataTables.buttons.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datatables/plugins/buttons/js/dataTables.buttons.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/daterangepicker/js/daterangepicker.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/daterangepicker/js/daterangepicker.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/datetimepicker/js/bootstrap-datetimepicker.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/datetimepicker/js/bootstrap-datetimepicker.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/emoji_lib_live/index.js |
| Attack | |
| Evidence | <script type="module" src="https://cdn.justcall.io/app/assets/lib/emoji_lib_live/index.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/emoji_lib_live/index.js |
| Attack | |
| Evidence | <script type="module" src="https://cdn.justcall.io/app/assets/lib/emoji_lib_live/index.js "></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/fuelux/js/wizard.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/fuelux/js/wizard.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-flot/jquery.flot.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-flot/jquery.flot.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-flot/jquery.flot.pie.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-flot/jquery.flot.pie.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-flot/jquery.flot.resize.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-flot/jquery.flot.resize.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-flot/plugins/curvedLines.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-flot/plugins/curvedLines.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.magnific-popup/jquery.magnific-popup.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.magnific-popup/jquery.magnific-popup.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.nestable/jquery.nestable.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.nestable/jquery.nestable.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.niftymodals/dist/jquery.niftymodals.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.niftymodals/dist/jquery.niftymodals.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.sparkline/jquery.sparkline.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.sparkline/jquery.sparkline.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery/jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery/jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jqvmap/jquery.vmap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jqvmap/jquery.vmap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jqvmap/maps/jquery.vmap.world.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jqvmap/maps/jquery.vmap.world.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/masonry/masonry.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/masonry/masonry.pkgd.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/moment.js/min/moment.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/moment.js/min/moment.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/morrisjs/morris.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/morrisjs/morris.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/prettify/prettify.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/prettify/prettify.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/raphael/raphael-min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/raphael/raphael-min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/select2/js/select2.full.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/select2/js/select2.full.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/select2/js/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/select2/js/select2.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/select2/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/select2/select2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/dc_popup_notifications.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/app/sms_assets/dc_popup_notifications.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/dragable_segment.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/dragable_segment.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/fakeLoader.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/fakeLoader.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/fullcalendar.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/fullcalendar.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/jquery-3.5.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/jquery-3.5.1.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/jquery-3.5.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/jquery-3.5.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/js/chart_2.9.4.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/js/chart_2.9.4.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/js/jquery-ui_1.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/js/jquery-ui_1.13.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/select2.min.js" charset="UTF-8"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/select2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/sms_assets/tocify_latest.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/sms_assets/tocify_latest.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app_old/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app_old/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app_old/assets/js/dtmftone.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app_old/assets/js/dtmftone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app_old/assets/js/jintervals.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app_old/assets/js/jintervals.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app_old/assets/js/jquery-1.11.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app_old/assets/js/jquery-1.11.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/app_old/assets/js/jquery.stopwatch.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app_old/assets/js/jquery.stopwatch.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/dialer.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/dialer/dialer.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/dialer_lib.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/dialer/dialer_lib.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/dialer_lib.min.js?v=1 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/dialer/dialer_lib.min.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/shrinkedjs.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/dialer/shrinkedjs.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/smscount.min.js |
| Attack | |
| Evidence | <script src = "https://cdn.justcall.io/dialer/smscount.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/twiliolastest1.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.justcall.io/dialer/twiliolastest1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/dialer/zaf_sdk.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/dialer/zaf_sdk.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/apnibar.js?v=4 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/apnibar.js?v=4" type="text/javascript" charset="utf-8" async="async"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/c2js.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/c2js.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/custom.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/intlTelInput.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/intlTelInput.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/izi-toast.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/izi-toast.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/moment-timezone.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/moment-timezone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/circles.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/circles.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/contact-form.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/contact-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/embedvid.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/embedvid.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/jquery.ajaxchimp.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/jquery.ajaxchimp.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/jquery.backgroundvideo.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/jquery.backgroundvideo.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/jquery.cookie.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/jquery.cookie.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/jquery.youtubebackground.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/jquery.youtubebackground.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/jquery1.11.2.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/jquery1.11.2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/modernizr.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/modernizr.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/newsletter-form.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/newsletter-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/owl.carousel.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/owl.carousel.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/prefixfree.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/prefixfree.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/scrollreveal.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/scrollreveal.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/styleswitcher.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/styleswitcher.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/plugins/ua-parser.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/plugins/ua-parser.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/select-2.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/select-2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/js/tippy.all.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/js/tippy.all.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/comment-form.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/comment-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/contact-form.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/contact-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/fontawesome.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/fontawesome.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/html5shiv.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/html5shiv.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/imagesloaded.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/imagesloaded.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/isotope.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/isotope.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery-3.3.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery-3.3.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.ajaxchimp.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.ajaxchimp.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.appear.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.appear.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.easing.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.magnific-popup.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.magnific-popup.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.scrollto.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.scrollto.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.stellar.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.stellar.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.validate.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.validate.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/lazysizes.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/lazysizes.min.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/main.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/modernizr.custom.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/modernizr.custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/owl.carousel.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/owl.carousel.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/quick-form.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/quick-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/respond.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/respond.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/retina.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/retina.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/slick.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/slick.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/wow.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/wow.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/rateyo/jquery.rateyo.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/rateyo/jquery.rateyo.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/small-business-assets/builder.js |
| Attack | |
| Evidence | <script async src="https://cdn.justcall.io/small-business-assets/builder.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.justcall.io/small-business-assets/partnerjs.js |
| Attack | |
| Evidence | <script async src="https://cdn.justcall.io/small-business-assets/partnerjs.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.onesignal.com/sdks/OneSignalSDK.js |
| Attack | |
| Evidence | <script src="https://cdn.onesignal.com/sdks/OneSignalSDK.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdn.viralwoot.com/assets/js/jssor.slider.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdn.viralwoot.com/assets/js/jssor.slider.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/air-datepicker/2.2.3/js/datepicker.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/air-datepicker/2.2.3/js/datepicker.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/air-datepicker/2.2.3/js/i18n/datepicker.es.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/air-datepicker/2.2.3/js/i18n/datepicker.es.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.20/angular.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.20/angular.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.10.0/js/bootstrap-select.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.10.0/js/bootstrap-select.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/bootstrap-select.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-select/1.12.4/js/bootstrap-select.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/bootstrap-toggle/2.2.2/js/bootstrap-toggle.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-toggle/2.2.2/js/bootstrap-toggle.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.bundle.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.bundle.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.7.1/Chart.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.13/clipboard.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.5.13/clipboard.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/md5.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/md5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/tripledes.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.0.0/tripledes.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.resize.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.resize.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.resize.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.resize.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.stack.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/flot/0.8.3/jquery.flot.stack.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/html2canvas/0.4.1/html2canvas.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.2/html2canvas.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.3.2/html2canvas.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/15.0.0/js/intlTelInput.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/15.0.0/js/intlTelInput.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/intlTelInput.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/utils.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.3/js/utils.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.3.0/js/iziToast.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.3.0/js/iziToast.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/jquery-confirm.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-confirm/3.3.0/jquery-confirm.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery-scrollintoview/1.8/jquery.scrollintoview.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-scrollintoview/1.8/jquery.scrollintoview.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery-sortable/0.9.13/jquery-sortable-min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-sortable/0.9.13/jquery-sortable-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery-sortable/0.9.13/jquery-sortable.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-sortable/0.9.13/jquery-sortable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.13.1/jquery.validate.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.13.1/jquery.validate.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.2.3/jquery.payment.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery.payment/1.2.3/jquery.payment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/2.1.4/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/json2html/1.4.0/json2html.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/json2html/1.4.0/json2html.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jspdf/0.9.0rc1/jspdf.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jspdf/0.9.0rc1/jspdf.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.3.2/jspdf.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.3.2/jspdf.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.5.3/jspdf.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jspdf/1.5.3/jspdf.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jspdf/2.4.0/jspdf.umd.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jspdf/2.4.0/jspdf.umd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.7/jstz.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/jstimezonedetect/1.0.7/jstz.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/livequery/1.1.1/jquery.livequery.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/livequery/1.1.1/jquery.livequery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.14/moment-timezone-with-data.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.14/moment-timezone-with-data.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.1/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/generic.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/generic.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/html.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/html.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/javascript.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/language/javascript.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/rainbow.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/rainbow/1.2.0/js/rainbow.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/rateYo/2.1.1/jquery.rateyo.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/rateYo/2.1.1/jquery.rateyo.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/rateYo/2.3.2/jquery.rateyo.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/rateYo/2.3.2/jquery.rateyo.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.13/js/select2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js" charset="UTF-8"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.3/js/select2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/summernote/0.8.11/summernote.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/summernote/0.8.11/summernote.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/tilt.js/1.2.1/tilt.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/tilt.js/1.2.1/tilt.jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/js/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/2.3.2/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.2.0/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.2.0/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.5/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cdnjs.cloudflare.com/ajax/libs/typeahead.js/0.11.1/typeahead.bundle.min.js |
| Attack | |
| Evidence | <script src="https://cdnjs.cloudflare.com/ajax/libs/typeahead.js/0.11.1/typeahead.bundle.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css |
| Attack | |
| Evidence | <script src="https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/jquery-1.11.3.min.js |
| Attack | |
| Evidence | <script src="https://code.jquery.com/jquery-1.11.3.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/jquery-2.2.4.min.js |
| Attack | |
| Evidence | <script src="https://code.jquery.com/jquery-2.2.4.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/jquery-3.2.1.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://code.jquery.com/jquery-3.2.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/jquery-migrate-3.3.1.js |
| Attack | |
| Evidence | <script src="https://code.jquery.com/jquery-migrate-3.3.1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/jquery-migrate-3.3.2.js |
| Attack | |
| Evidence | <script src="https://code.jquery.com/jquery-migrate-3.3.2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/mobile/1.5.0-alpha.1/jquery.mobile-1.5.0-alpha.1.min.js |
| Attack | |
| Evidence | <script src="https://code.jquery.com/mobile/1.5.0-alpha.1/jquery.mobile-1.5.0-alpha.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://code.jquery.com/ui/1.12.1/jquery-ui.js |
| Attack | |
| Evidence | <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Attack | |
| Evidence | <script src="https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://d1mfg1uuzfdx15.cloudfront.net/assets/js/app-slider.js |
| Attack | |
| Evidence | <script src="https://d1mfg1uuzfdx15.cloudfront.net/assets/js/app-slider.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://d1mfg1uuzfdx15.cloudfront.net/assets/js/moltran.min.js |
| Attack | |
| Evidence | <script src="https://d1mfg1uuzfdx15.cloudfront.net/assets/js/moltran.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://d1mfg1uuzfdx15.cloudfront.net/assets/pages/jquery.sweet-alert.init.js |
| Attack | |
| Evidence | <script src="https://d1mfg1uuzfdx15.cloudfront.net/assets/pages/jquery.sweet-alert.init.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://d1mfg1uuzfdx15.cloudfront.net/assets/vendor/sweetalert/dist/sweetalert.min.js |
| Attack | |
| Evidence | <script src="https://d1mfg1uuzfdx15.cloudfront.net/assets/vendor/sweetalert/dist/sweetalert.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://d1mfg1uuzfdx15.cloudfront.net/assets/vendor/waypoints/lib/jquery.waypoints.js |
| Attack | |
| Evidence | <script src="https://d1mfg1uuzfdx15.cloudfront.net/assets/vendor/waypoints/lib/jquery.waypoints.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://dl.frontapp.com/libs/frontjs.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://dl.frontapp.com/libs/frontjs.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://getbootstrap.com/docs/3.3/assets/js/ie-emulation-modes-warning.js |
| Attack | |
| Evidence | <script src="https://getbootstrap.com/docs/3.3/assets/js/ie-emulation-modes-warning.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://getbootstrap.com/docs/3.3/assets/js/ie10-viewport-bug-workaround.js |
| Attack | |
| Evidence | <script src="https://getbootstrap.com/docs/3.3/assets/js/ie10-viewport-bug-workaround.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://getbootstrap.com/docs/3.3/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://getbootstrap.com/docs/3.3/dist/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://gfranko-jquery.tocify.js-c5ef235/src/javascripts/jquery.tocify.js |
| Attack | |
| Evidence | <script src="https://gfranko-jquery.tocify.js-c5ef235/src/javascripts/jquery.tocify.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://gfranko-jquery.tocify.js-c5ef235/src/javascripts/jquery.tocify.min.js |
| Attack | |
| Evidence | <script src="https://gfranko-jquery.tocify.js-c5ef235/src/javascripts/jquery.tocify.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://html2canvas.hertzen.com/dist/html2canvas.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://html2canvas.hertzen.com/dist/html2canvas.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A465920160907 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://js.createsend1.com/js/jquery-1.7.2.min.js?h=C99A465920160907"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js.intercomcdn.com/messenger-sheet-library.latest.js |
| Attack | |
| Evidence | <script src="https://js.intercomcdn.com/messenger-sheet-library.latest.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js.pusher.com/6.0/pusher.min.js |
| Attack | |
| Evidence | <script src="https://js.pusher.com/6.0/pusher.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js.pusher.com/7.0/pusher.min.js |
| Attack | |
| Evidence | <script src="https://js.pusher.com/7.0/pusher.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js.stripe.com/v2/ |
| Attack | |
| Evidence | <script type="text/javascript" src="https://js.stripe.com/v2/"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://js/jquery-3.5.1.min.js |
| Attack | |
| Evidence | <script src="https://js/jquery-3.5.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/./assets/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/./assets/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io//app/voiceintelligence/assets/js/wavesurfer.cursor.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io//app/voiceintelligence/assets/js/wavesurfer.cursor.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io//app/voiceintelligence/assets/js/wavesurfer.js |
| Attack | |
| Evidence | <script src="https://justcall.io//app/voiceintelligence/assets/js/wavesurfer.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/api/beepringtone.js |
| Attack | |
| Evidence | <script src="https://justcall.io/api/beepringtone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/./assets/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/./assets/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/./jquery.dataTables.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/./jquery.dataTables.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/./sms_assets/export_table_module/export_table_module.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/./sms_assets/export_table_module/export_table_module.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/js/main.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/js/main.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/js/sha1.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/js/sha1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/animsition/js/animsition.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/animsition/js/animsition.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/bootstrap/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/bootstrap/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/bootstrap/js/popper.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/bootstrap/js/popper.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/countdowntime/countdowntime.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/countdowntime/countdowntime.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/daterangepicker/daterangepicker.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/daterangepicker/daterangepicker.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/daterangepicker/moment.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/daterangepicker/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/jquery/jquery-3.2.1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/jquery/jquery-3.2.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/alexa/dump/vendor/select2/select2.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/alexa/dump/vendor/select2/select2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/360-player/demo-slider-controls.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/360-player/demo-slider-controls.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/360-player/script/360player.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/360-player/script/360player.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/360-player/script/berniecode-animator.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/360-player/script/berniecode-animator.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/360-player/script/excanvas.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/360-player/script/excanvas.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/examples/assets/app.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/examples/assets/app.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/examples/assets/app_bs2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/examples/assets/app_bs2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/examples/assets/app_bs3.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/examples/assets/app_bs3.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/src/bootstrap-tagsinput.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/src/bootstrap-tagsinput.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput-angular.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput-angular.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/events.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/events.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/input_with_object_items.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/input_with_object_items.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/input_with_string_items.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/input_with_string_items.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/reproduced_bugs.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/reproduced_bugs.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/select_with_object_items.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/select_with_object_items.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/select_with_string_items.tests.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/bootstrap-tagsinput/select_with_string_items.tests.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/helpers.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/helpers.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/angular/angular.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/angular/angular.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/bootstrap/dist/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/boot.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/boot.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine-html.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine-html.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jquery/dist/jquery.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jquery/dist/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/dist/bootstrap-tagsinput.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/dist/bootstrap-tagsinput.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/dist/bootstrap-tagsinput/bootstrap-tagsinput-angular.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/dist/bootstrap-tagsinput/bootstrap-tagsinput-angular.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/globals/plugins/gmaps/gmaps.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/globals/plugins/gmaps/gmaps.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/app-dashboard.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/app-dashboard.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/app-ui-notifications.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/app-ui-notifications.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/appointments-test.js?v=42 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/appointments-test.js?v=42"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/appointments.js?v=2 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/appointments.js?v=2"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/appointments.js?v=25 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/appointments.js?v=25"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/appointments.js?v=31 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/appointments.js?v=31"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/bootpag.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/bootpag.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/callinsights-improve.js?v=3 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/callinsights-improve.js?v=3"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/callinsights-improve.js?v=4 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/callinsights-improve.js?v=4"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/callinsights-improve_booksy.js?v=3 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/callinsights-improve_booksy.js?v=3"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/canvas.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/canvas.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/dtmftone.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/dtmftone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/fakeLoader.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/fakeLoader.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/global-vendors.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/global-vendors.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/incomingcall.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/incomingcall.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/jquery-1.11.1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/jquery-1.11.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/jquery-ui/external/jquery/jquery.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/jquery-ui/external/jquery/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/jquery-ui/jquery-ui.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/jquery-ui/jquery-ui.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/jquery.dataTables.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/jquery.dataTables.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/live_transcript_notification.js?0 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/live_transcript_notification.js?0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/modernizr.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/modernizr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/multiple-select.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/multiple-select.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/notification_center.js?0 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/notification_center.js?0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/notification_center.js?1615978853 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/notification_center.js?1615978853"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/notification_center_new.js?0 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/notification_center_new.js?0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/payment/jquery.card.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/payment/jquery.card.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/realtime_dashboard.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/realtime_dashboard.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/smscount.min.js |
| Attack | |
| Evidence | <script src = "https://justcall.io/app/assets/js/smscount.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/statusfirebase2.js?v=4 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/statusfirebase2.js?v=4"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/statusfirebase2_availablity.js?v=4 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/statusfirebase2_availablity.js?v=4"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/statusfirebase2_ontabfocus.js?v=4 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/statusfirebase2_ontabfocus.js?v=4"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/statusfirebase2_reporting.js?v=5 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/statusfirebase2_reporting.js?v=5"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/statusfirebase2_widget.js?0 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/statusfirebase2_widget.js?0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/statusfirebase2_widgetv2.js?0 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/js/statusfirebase2_widgetv2.js?0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/js/toastr/toastr.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/js/toastr/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/bootstrap-slider/js/bootstrap-slider.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/bootstrap-slider/js/bootstrap-slider.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/countup/countUp.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/countup/countUp.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/js/dataTables.bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/js/dataTables.bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/js/jquery.dataTables.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/js/jquery.dataTables.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.bootstrap.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.bootstrap.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.colVis.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.colVis.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.flash.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.flash.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.html5.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.html5.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.print.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/buttons.print.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/dataTables.buttons.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/datatables/plugins/buttons/js/dataTables.buttons.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/excanvas.min.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/excanvas.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-cookie/jquery.cookie.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-cookie/jquery.cookie.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-flot/examples/axes-time-zones/date.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery-flot/examples/axes-time-zones/date.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-flot/excanvas.min.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery-flot/excanvas.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-flot/plugins/curvedLines.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-flot/plugins/curvedLines.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-flot/shared/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery-flot/shared/jquery-ui/jquery-ui.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-jvectormap.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-jvectormap.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-jvectormap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-jvectormap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-mousewheel.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-mousewheel.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.canvas.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.canvas.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.categories.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.categories.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.crosshair.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.crosshair.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.errorbars.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.errorbars.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.fillbetween.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.fillbetween.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.image.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.image.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.navigate.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.navigate.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.pie.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.pie.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.resize.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.resize.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.selection.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.selection.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.stack.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.stack.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.symbol.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.symbol.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.threshold.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.threshold.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.flot.time.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.flot.time.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.js |
| Attack | |
| Evidence | <script language="javascript" type="text/javascript" src="https://justcall.io/app/assets/lib/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.nestable/jquery.nestable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.nestable/jquery.nestable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.niftymodals/dist/jquery.niftymodals.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.niftymodals/dist/jquery.niftymodals.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.niftymodals/lib/js/css-filters-polyfill.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.niftymodals/lib/js/css-filters-polyfill.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.niftymodals/lib/js/cssParser.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.niftymodals/lib/js/cssParser.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.sparkline/jquery.sparkline.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.sparkline/jquery.sparkline.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-1.8.2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-1.8.2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-map.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-map.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-us-aea-en.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-us-aea-en.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-us-lcc-en.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-us-lcc-en.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-world-mill-en.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery.vectormap/tests/assets/jquery-jvectormap-world-mill-en.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery/jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery/jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jquery/jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jquery/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jqvmap/jquery.vmap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jqvmap/jquery.vmap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/jqvmap/maps/jquery.vmap.world.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/jqvmap/maps/jquery.vmap.world.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/abstract-canvas-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/abstract-canvas-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/abstract-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/abstract-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/abstract-shape-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/abstract-shape-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/color-scale.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/color-scale.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/data-series.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/data-series.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/jvectormap.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/jvectormap.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/numeric-scale.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/numeric-scale.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/ordinal-scale.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/ordinal-scale.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/proj.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/proj.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/simple-scale.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/simple-scale.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/svg-canvas-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/svg-canvas-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/svg-circle-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/svg-circle-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/svg-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/svg-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/svg-group-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/svg-group-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/svg-path-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/svg-path-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/svg-shape-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/svg-shape-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vector-canvas.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vector-canvas.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vml-canvas-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vml-canvas-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vml-circle-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vml-circle-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vml-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vml-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vml-group-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vml-group-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vml-path-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vml-path-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/vml-shape-element.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/vml-shape-element.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/lib/world-map.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/lib/world-map.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/morrisjs/morris.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/morrisjs/morris.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/prettify//path/to/prettify.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/lib/prettify//path/to/prettify.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/prettify/prettify.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/prettify/prettify.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/raphael/raphael-min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/raphael/raphael-min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/bootstrap-datetimepicker.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/bootstrap-datetimepicker.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/moment.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/select2/select2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/select2/select2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/bootstrap-datetimepicker.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/bootstrap-datetimepicker.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/moment.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/select2/select2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/select2/select2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/bootstrap-wysihtml5-0.0.2.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/bootstrap-wysihtml5-0.0.2.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/wysihtml5-0.3.0.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/wysihtml5-0.3.0.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/wysihtml5.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/wysihtml5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/js/moment.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/js/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/select2/select2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/select2/select2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/js/moment.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/js/moment.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/select2/select2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/select2/select2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/owl-carousel/owl.carousel.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/assets/owl-carousel/owl.carousel.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/src/bootstrap-tagsinput-angular.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/src/bootstrap-tagsinput-angular.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/assets/src/bootstrap-tagsinput.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/assets/src/bootstrap-tagsinput.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/bower_components/jquery/dist/jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/bower_components/jquery/dist/jquery.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/build/jquery.datetimepicker.full.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/build/jquery.datetimepicker.full.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/call-quality-troubleshoot/loader.js?v=0 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/call-quality-troubleshoot/loader.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/call-quality-troubleshoot/main.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/call-quality-troubleshoot/main.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/call-quality-troubleshoot/report.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/call-quality-troubleshoot/report.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/call-quality-troubleshoot/rtc-diagnostics.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/call-quality-troubleshoot/rtc-diagnostics.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/call-quality-troubleshoot/rtc-diagnostics1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/call-quality-troubleshoot/rtc-diagnostics1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/fakeLoader.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/fakeLoader.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/joinable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/joinable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/multiple-select.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/multiple-select.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/payment/jquery.card.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/payment/jquery.card.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/resizeable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/resizeable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/toastr/toastr.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/toastr/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/TweenMax.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/TweenMax.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/xenon-api.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/xenon-api.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/xenon-custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/xenon-custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/js/xenon-toggles.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/js/xenon-toggles.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/assets/owl-carousel/owl.carousel.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/assets/owl-carousel/owl.carousel.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/js/app-dashboard.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/js/app-dashboard.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/js/jquery-1.11.1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/js/jquery-1.11.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/js/main.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/countup/countUp.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/countup/countUp.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.pie.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.pie.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.resize.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.resize.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/curvedLines.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/curvedLines.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery.sparkline/jquery.sparkline.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery.sparkline/jquery.sparkline.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jquery/jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jquery/jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/jquery.vmap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/jquery.vmap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/maps/jquery.vmap.world.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/maps/jquery.vmap.world.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/morrisjs/morris.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/morrisjs/morris.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/cancelsub/dump/assets/lib/raphael/raphael-min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/cancelsub/dump/assets/lib/raphael/raphael-min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/countries.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/countries.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/datetimepicker-master/./jquery.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/datetimepicker-master/./jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/datetimepicker-master/build/jquery.datetimepicker.full.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/datetimepicker-master/build/jquery.datetimepicker.full.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/datetimepicker-master/jquery.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/datetimepicker-master/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/getwidgetval.js?v=10 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/getwidgetval.js?v=10" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/getwidgetval.js?v=17 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/getwidgetval.js?v=17" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/getwidgetval.js?v=22 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/getwidgetval.js?v=22" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/getwidgetval_fortesting.js?v=22 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/getwidgetval_fortesting.js?v=22" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/getwidgetval_vi.js?v=17 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/getwidgetval_vi.js?v=17" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/getwidgetval_vi.js?v=19 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/getwidgetval_vi.js?v=19" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/activecampaign/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/activecampaign/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/agile/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/agile/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/copper/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/copper/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/freshdesk/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/freshdesk/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/freshsales/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/freshsales/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/groove/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/groove/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/helpscout/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/helpscout/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/hubspot/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/hubspot/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/infusionsoft/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/infusionsoft/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/integrations_/intercom/ |
| Attack | |
| Evidence | <script src="https://justcall.io/app/integrations_/intercom/" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/mofa.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/mofa.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/mofa.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/mofa.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/@hubspot/calling-extensions-sdk/demo/./bin/index_combined.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/@hubspot/calling-extensions-sdk/demo/./bin/index_combined.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer/dialer_lib.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer/dialer_lib.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_beta_dmerge.js?v=141 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_beta_dmerge.js?v=141"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_beta_siptransfer.js?v=25 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_beta_siptransfer.js?v=25"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_beta_siptransfer_merge.js?v=605 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_beta_siptransfer_merge.js?v=605"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_jquery_upgrade.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_jquery_upgrade.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_booksy.js?v=679 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_booksy.js?v=679"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_29nov.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_29nov.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_aakash.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_aakash.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_ashu.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_ashu.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_availablity.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_availablity.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_csp.js?0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_csp.js?0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_cti.js?v=1022 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_cti.js?v=1022"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_geo.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_geo.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_getarate.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_getarate.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_hs.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_hs.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_kmp.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_kmp.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_refresh.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_refresh.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_live_v2_sso.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_live_v2_sso.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_chian.js?v=308 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_chian.js?v=308"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_new_hm.js?v=427 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_new_hm.js?v=427"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_new_queue.js?v=410 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_new_queue.js?v=410"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/mofa.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/mofa.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/statusfirebase.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/statusfirebase.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/statusfirebase.js?v=11 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/statusfirebase.js?v=11"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/statusfirebase_new2.js?v=17 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/statusfirebase_new2.js?v=17"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/statusfirebase_new2_29nov.js?v=17 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/statusfirebase_new2_29nov.js?v=17"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/dialer_js/statusfirebase_new2_availablity.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/dialer_js/statusfirebase_new2_availablity.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/hark.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/hark.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/jctw.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/macapp/jctw.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/jctw_new.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/macapp/jctw_new.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/jquery-ui-1.12.1.custom/external/jquery/jquery.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/jquery-ui-1.12.1.custom/external/jquery/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/macapp/jquery-ui-1.12.1.custom/jquery-ui.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/macapp/jquery-ui-1.12.1.custom/jquery-ui.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/manual_script.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/manual_script.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/nativejs-select.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/nativejs-select.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/number_compliance.js?v=15 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/number_compliance.js?v=15"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/number_compliance.js?v=2 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/number_compliance.js?v=2"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/number_compliance_aakash.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/number_compliance_aakash.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/number_compliancev1.js?v=10 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/number_compliancev1.js?v=10"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/number_compliancev1.js?v=13 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/number_compliancev1.js?v=13"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/chart_2.9.4.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/chart_2.9.4.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/clipboard.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/clipboard.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/dc_popup_notifications.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/sms_assets/dc_popup_notifications.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/emoji_lib_live/index.js |
| Attack | |
| Evidence | <script type="module" src="https://justcall.io/app/sms_assets/emoji_lib_live/index.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/fakeLoader.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/fakeLoader.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/filestack.min_3.x.x.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/filestack.min_3.x.x.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/hackathon/widget_xyz.js?v=7 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/hackathon/widget_xyz.js?v=7"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/jquery-ui_1.13.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/jquery-ui_1.13.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/jquery.dataTables.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/app/sms_assets/jquery.dataTables.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages-160920.js?v=1117 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages-160920.js?v=1117"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_05_november_2021.js?v=3 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_05_november_2021.js?v=3"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_05_november_2021.js?v=4 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_05_november_2021.js?v=4"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_06_january_2022.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_06_january_2022.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_12_october_2021.js?v=7 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_12_october_2021.js?v=7"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_15_july_2021.js?v=3 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_15_july_2021.js?v=3"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_16_august_2021.js?v=13 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_16_august_2021.js?v=13"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_22_december_2021.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_22_december_2021.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_26_october_2021.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_26_october_2021.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_28_january_2022.js?v=2 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_28_january_2022.js?v=2"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/messages_2_june_2021_testurl.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/messages_2_june_2021_testurl.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/react/main.34512cf6.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/react/main.34512cf6.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/saved_reply/saved_reply_module.js?v=11 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/saved_reply/saved_reply_module.js?v=11"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/saved_reply/saved_reply_module.js?v=12 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/saved_reply/saved_reply_module.js?v=12"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/saved_reply/saved_reply_module.js?v=7 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/saved_reply/saved_reply_module.js?v=7"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/segment_module/dragable_segment_create_bulk.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/segment_module/dragable_segment_create_bulk.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/sms_assets/select2.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/sms_assets/select2.min.js" charset="UTF-8"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/voiceintelligence/./script.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/voiceintelligence/./script.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/voiceintelligence/createmoments.js?v= |
| Attack | |
| Evidence | <script src="https://justcall.io/app/voiceintelligence/createmoments.js?v=" 0></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/voiceintelligence/evaluationfactors.js?v= |
| Attack | |
| Evidence | <script src="https://justcall.io/app/voiceintelligence/evaluationfactors.js?v=" 0></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/voiceintelligence/onboarding.js?v= |
| Attack | |
| Evidence | <script src="https://justcall.io/app/voiceintelligence/onboarding.js?v=" 0></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/voiceintelligence/packages/bootstrap-suggest.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app/voiceintelligence/packages/bootstrap-suggest.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/voiceintelligence/script_demo.js?v=0 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/voiceintelligence/script_demo.js?v=0"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app/zendesk/zendesk.js?v=50 |
| Attack | |
| Evidence | <script src="https://justcall.io/app/zendesk/zendesk.js?v=50" crossorigin="anonymous"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/air-datepicker/js/datepicker.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/air-datepicker/js/datepicker.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/air-datepicker/js/i18n/datepicker.en.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/air-datepicker/js/i18n/datepicker.en.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/dtmftone.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/dtmftone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/fakeLoader.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/fakeLoader.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/jintervals.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/jintervals.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/joinable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/joinable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/jquery-1.11.1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/jquery-1.11.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/jquery.stopwatch.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/jquery.stopwatch.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/multiple-select.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/multiple-select.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/payment/jquery.card.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/payment/jquery.card.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/resizeable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/resizeable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/toastr/toastr.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/toastr/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/TweenMax.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/TweenMax.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/xenon-api.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/xenon-api.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/xenon-custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/xenon-custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/js/xenon-toggles.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/js/xenon-toggles.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/owl-carousel/owl.carousel.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/owl-carousel/owl.carousel.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/app_old/assets/timezone-detect/jstz.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/app_old/assets/timezone-detect/jstz.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/comment-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/comment-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/contact-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/contact-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/contact.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/contact.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/custom.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/dtmftone.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/dtmftone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/fontawesome.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/fontawesome.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/gridstack-h5.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/gridstack-h5.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/html5shiv.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/html5shiv.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/imagesloaded.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/imagesloaded.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/isotope.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/isotope.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/joinable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/joinable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery-2.1.1.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/jquery-2.1.1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery-3.3.1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery-3.3.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.ajaxchimp.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.ajaxchimp.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.appear.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.appear.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.dsmorse-gridster.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.dsmorse-gridster.min.js" type="text/javascript" charset="utf-8"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.dsmorse-gridster.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.dsmorse-gridster.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.easing.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.magnific-popup.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.magnific-popup.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.scrollto.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.scrollto.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.stellar.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.stellar.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/jquery.validate.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/jquery.validate.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/lazysizes.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/lazysizes.min.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/lineprogressbar.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/lineprogressbar.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/main.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/modernizr.custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/modernizr.custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/owl.carousel.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/owl.carousel.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/plugins.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/plugins.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/quick-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/quick-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/resizeable.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/resizeable.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/respond.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/respond.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/retina.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/retina.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/slick.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/slick.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/toastr/toastr.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/toastr/toastr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/transcript_index_v2.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/transcript_index_v2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/transcript_index_v3.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/transcript_index_v3.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/transcript_index_v4.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/transcript_index_v4.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/TweenMax.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/TweenMax.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/validator.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/assets/js/validator.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/wow.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/wow.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/xenon-api.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/xenon-api.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/xenon-custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/xenon-custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/js/xenon-toggles.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/js/xenon-toggles.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/lib/datatables/js/dataTables.bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/lib/datatables/js/dataTables.bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assets/lib/datatables/js/jquery.dataTables.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assets/lib/datatables/js/jquery.dataTables.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assetsindex/admin1/js/layout.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assetsindex/admin1/js/layout.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assetsindex/globals/js/global-vendors.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assetsindex/globals/js/global-vendors.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assetsindex/globals/js/jquery.validate.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assetsindex/globals/js/jquery.validate.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assetsindex/globals/js/pleasure.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assetsindex/globals/js/pleasure.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assetsindex/globals/plugins/modernizr/modernizr.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assetsindex/globals/plugins/modernizr/modernizr.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/assetsindex/globals/scripts/user-pages.js |
| Attack | |
| Evidence | <script src="https://justcall.io/assetsindex/globals/scripts/user-pages.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/emoji/config.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/emoji/config.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/emoji/emoji-picker.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/emoji/emoji-picker.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/emoji/jquery.emojiarea.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/emoji/jquery.emojiarea.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/emoji/util.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/emoji/util.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/js/atlas/atlas.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/js/atlas/atlas.js" async="async"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/js/callinsight.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/js/callinsight.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/js/callinsights_livedashboard.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/js/callinsights_livedashboard.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/ckassets/js/tippy.all.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/ckassets/js/tippy.all.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/app/calendarscreen.js?v=5 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/clicktocall/app/calendarscreen.js?v=5"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/app/callingscreen.js?v=1 |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/clicktocall/app/callingscreen.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/app/messagescreen.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/clicktocall/app/messagescreen.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/assests/vanilla.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/clicktocall/assests/vanilla.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/assets/easytimer.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/clicktocall/assets/easytimer.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/assets/framejs.js |
| Attack | |
| Evidence | <script src="https://justcall.io/clicktocall/assets/framejs.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/clicktocall/assets/frametwilio.js |
| Attack | |
| Evidence | <script src="https://justcall.io/clicktocall/assets/frametwilio.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/common.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/common.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/jquery.1.6.4.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/jquery.1.6.4.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/jquery.easing.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/jquery.mobile-menu.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/jquery.mobile-menu.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/jquery.scrollTo-1.4.2-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/jquery.scrollTo-1.4.2-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/pixxett.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/pixxett.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/prism.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/prism.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/scroll.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/scroll.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/dump/js/slides.min.jquery.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/dump/js/slides.min.jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/common.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/common.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/jquery.1.6.4.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/jquery.1.6.4.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/jquery.easing.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/jquery.mobile-menu.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/jquery.mobile-menu.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/jquery.scrollTo-1.4.2-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/jquery.scrollTo-1.4.2-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/pixxett.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/pixxett.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/prism.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/prism.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/scroll.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/scroll.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs/js/slides.min.jquery.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs/js/slides.min.jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/common.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/common.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/jquery.1.6.4.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/jquery.1.6.4.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/jquery.easing.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/jquery.mobile-menu.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/jquery.mobile-menu.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/jquery.scrollTo-1.4.2-min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/jquery.scrollTo-1.4.2-min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/pixxett.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/pixxett.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/prism.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/prism.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/scroll.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/scroll.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/developer-docs_8_jun/js/slides.min.jquery.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/developer-docs_8_jun/js/slides.min.jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/div/js/waveform.js |
| Attack | |
| Evidence | <script src="https://justcall.io/div/js/waveform.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/./assets/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/./assets/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/comment-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/comment-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/contact-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/contact-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/html5shiv.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/html5shiv.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/imagesloaded.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/imagesloaded.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/isotope.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/isotope.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/jquery.ajaxchimp.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/jquery.ajaxchimp.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/jquery.appear.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/jquery.appear.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/jquery.easing.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/jquery.scrollto.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/jquery.scrollto.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/jquery.stellar.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/jquery.stellar.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/jquery.validate.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/jquery.validate.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/modernizr.custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/modernizr.custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/owl.carousel.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/owl.carousel.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/quick-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/quick-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/respond.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/respond.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/retina.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/retina.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/slick.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/slick.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/dump/assets/js/wow.js |
| Attack | |
| Evidence | <script src="https://justcall.io/dump/assets/js/wow.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/integrations/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/integrations/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/integrations/assets/js/contact.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/integrations/assets/js/contact.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/integrations/assets/js/custom.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/integrations/assets/js/custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/integrations/assets/js/jquery-2.1.1.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/integrations/assets/js/jquery-2.1.1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/integrations/assets/js/plugins.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/integrations/assets/js/plugins.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/integrations/assets/js/validator.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/integrations/assets/js/validator.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/marketing/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://justcall.io/marketing/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/newsite/assets/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/newsite/assets/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/newsite/assets/js/fontawesome.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/newsite/assets/js/fontawesome.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/newsite/assets/js/jquery.magnific-popup.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/newsite/assets/js/jquery.magnific-popup.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/newsite/assets/js/lazysizes.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/newsite/assets/js/lazysizes.min.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/newsite/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://justcall.io/newsite/assets/js/main.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/cufon1.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/cufon1.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/font.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/font.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/google-code-prettify/prettify.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/google-code-prettify/prettify.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/jquery.easing.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/jquery.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/jquery.scrollTo.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/jquery.scrollTo.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/Documentation/assets/js/script.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/Documentation/assets/js/script.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/comment-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/comment-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/contact-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/contact-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/fontawesome.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/fontawesome.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/html5shiv.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/html5shiv.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/imagesloaded.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/imagesloaded.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/isotope.pkgd.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/isotope.pkgd.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery-3.3.1.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery-3.3.1.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.ajaxchimp.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.ajaxchimp.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.appear.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.appear.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.easing.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.easing.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.magnific-popup.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.magnific-popup.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.scrollto.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.scrollto.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.stellar.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.stellar.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/jquery.validate.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/jquery.validate.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/modernizr.custom.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/modernizr.custom.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/owl.carousel.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/owl.carousel.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/quick-form.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/quick-form.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/respond.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/respond.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/retina.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/retina.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/slick.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/slick.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/nextapp/HTML/website/js/wow.js |
| Attack | |
| Evidence | <script src="https://justcall.io/nextapp/HTML/website/js/wow.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/plivo-web-sdk-example/conference/./assets/jquery.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/plivo-web-sdk-example/conference/./assets/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/plivo-web-sdk-example/phone/./assets/jquery.js |
| Attack | |
| Evidence | <script language="javascript" content-type="text/javascript" src="https://justcall.io/plivo-web-sdk-example/phone/./assets/jquery.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/script/soundmanager2.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/script/soundmanager2.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/testdesktop.js?v=1 |
| Attack | |
| Evidence | <script src="https://justcall.io/testdesktop.js?v=1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/js/main.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/chartjs/Chart.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/chartjs/Chart.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/daterangepicker/js/daterangepicker.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/daterangepicker/js/daterangepicker.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/daterangepicker/js/daterangepicker2.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/daterangepicker/js/daterangepicker2.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/datetimepicker/js/bootstrap-datetimepicker.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/datetimepicker/js/bootstrap-datetimepicker.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/jquery/jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/jquery/jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/theme/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://justcall.io/theme/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://justcall.io/widget.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://justcall.io/widget.js" onload="justcall.init()" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://kit.fontawesome.com/ced4108baf.js |
| Attack | |
| Evidence | <script src="https://kit.fontawesome.com/ced4108baf.js" crossorigin="anonymous"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://maps.google.com/maps/api_p/js?sensor=true&libraries=places |
| Attack | |
| Evidence | <script src="https://maps.google.com/maps/api_p/js?sensor=true&libraries=places"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/releases/1.10.2/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/releases/1.10.2/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/releases/1.12.1/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/releases/1.12.1/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/releases/1.4.35/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/releases/1.4.35/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/v1.10/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.10/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/v1.12/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.12/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/v1.4/twilio.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.4/twilio.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/v1.8/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.8/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://media.twiliocdn.com/sdk/js/client/v1.9/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://media.twiliocdn.com/sdk/js/client/v1.9/twilio.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://momentjs.com/downloads/moment-timezone.js |
| Attack | |
| Evidence | <script src="https://momentjs.com/downloads/moment-timezone.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://momentjs.com/downloads/moment-timezone.min.js |
| Attack | |
| Evidence | <script src="https://momentjs.com/downloads/moment-timezone.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js |
| Attack | |
| Evidence | <script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js |
| Attack | |
| Evidence | <script src="https://oss.maxcdn.com/html5shiv/3.7.3/html5shiv.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js |
| Attack | |
| Evidence | <script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js |
| Attack | |
| Evidence | <script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://oss.maxcdn.com/respond/1.4.2/respond.min.js |
| Attack | |
| Evidence | <script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://piktoria.com/assets/admin1/js/bootstrap-timepicker.js |
| Attack | |
| Evidence | <script src="https://piktoria.com/assets/admin1/js/bootstrap-timepicker.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/collapse.js |
| Attack | |
| Evidence | <script type="text/javascript" src= "https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/collapse.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/transition.js |
| Attack | |
| Evidence | <script type="text/javascript" src = "https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/transition.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://requirejs.org/docs/release/2.3.5/minified/require.js |
| Attack | |
| Evidence | <script src="https://requirejs.org/docs/release/2.3.5/minified/require.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://s3.amazonaws.com/intercom-sheets.com/messenger-sheet-library.latest.js |
| Attack | |
| Evidence | <script src="https://s3.amazonaws.com/intercom-sheets.com/messenger-sheet-library.latest.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://s3.amazonaws.com/pd-web/embed/embed.js |
| Attack | |
| Evidence | <script src="https://s3.amazonaws.com/pd-web/embed/embed.js" async></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://s3.amazonaws.com/plivosdk/web/plivo.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://s3.amazonaws.com/plivosdk/web/plivo.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://smsservice.justcall.io/justcall-sms/app/build/js/countrySelect.min.js |
| Attack | |
| Evidence | <script src="https://smsservice.justcall.io/justcall-sms/app/build/js/countrySelect.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://static.filestackapi.com/filestack-js/3.x.x/filestack.min.js |
| Attack | |
| Evidence | <script src="https://static.filestackapi.com/filestack-js/3.x.x/filestack.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://static.zdassets.com/zendesk_app_framework_sdk/2.0/zaf_sdk.min.js |
| Attack | |
| Evidence | <script src="https://static.zdassets.com/zendesk_app_framework_sdk/2.0/zaf_sdk.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://theme/assets/js/app-form-masks.js |
| Attack | |
| Evidence | <script src="https://theme/assets/js/app-form-masks.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://theme/assets/lib/chartjs/Chart.min.js |
| Attack | |
| Evidence | <script src="https://theme/assets/lib/chartjs/Chart.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://theme/assets/lib/daterangepicker/js/daterangepicker.js |
| Attack | |
| Evidence | <script src="https://theme/assets/lib/daterangepicker/js/daterangepicker.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://theme/assets/lib/daterangepicker/js/daterangepicker2.js |
| Attack | |
| Evidence | <script src="https://theme/assets/lib/daterangepicker/js/daterangepicker2.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://theme/assets/lib/datetimepicker/js/bootstrap-datetimepicker.min.js |
| Attack | |
| Evidence | <script src="https://theme/assets/lib/datetimepicker/js/bootstrap-datetimepicker.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://theme/assets/lib/jquery.maskedinput/jquery.maskedinput.min.js |
| Attack | |
| Evidence | <script src="https://theme/assets/lib/jquery.maskedinput/jquery.maskedinput.min.js" type="text/javascript"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/gauge-chart@latest/dist/bundle.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/gauge-chart@latest/dist/bundle.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/ionicons@5.1.2/dist/ionicons.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/ionicons@5.1.2/dist/ionicons.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/popper.js@1 |
| Attack | |
| Evidence | <script src="https://unpkg.com/popper.js@1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/react-dom@17/umd/react-dom.development.js |
| Attack | |
| Evidence | <script crossorigin src="https://unpkg.com/react-dom@17/umd/react-dom.development.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/react-dom@17/umd/react-dom.development.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/react-dom@17/umd/react-dom.development.js" crossorigin></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/react@17/umd/react.development.js |
| Attack | |
| Evidence | <script crossorigin src="https://unpkg.com/react@17/umd/react.development.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/react@17/umd/react.development.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/react@17/umd/react.development.js" crossorigin></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/tippy.js@2.0.9/dist/tippy.all.min.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/tippy.js@2.0.9/dist/tippy.all.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/tippy.js@3/dist/tippy.all.min.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/tippy.js@3/dist/tippy.all.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/tippy.js@5 |
| Attack | |
| Evidence | <script src="https://unpkg.com/tippy.js@5"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/wavesurfer.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/wavesurfer.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://unpkg.com/wavesurfer.js/dist/plugin/wavesurfer.cursor.min.js |
| Attack | |
| Evidence | <script src="https://unpkg.com/wavesurfer.js/dist/plugin/wavesurfer.cursor.min.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://use.fontawesome.com/1a28e18715.js |
| Attack | |
| Evidence | <script src="https://use.fontawesome.com/1a28e18715.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://vsvg4v1vptbk.statuspage.io/embed/script.js |
| Attack | |
| Evidence | <script src="https://vsvg4v1vptbk.statuspage.io/embed/script.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.google.com/recaptcha/api.js?render=6Le0tvcUAAAAAKyHkUwP2tmYbzfpUYfz38FnBafs |
| Attack | |
| Evidence | <script src="https://www.google.com/recaptcha/api.js?render=6Le0tvcUAAAAAKyHkUwP2tmYbzfpUYfz38FnBafs"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.googletagmanager.com/gtag/js?id=AW-857695325 |
| Attack | |
| Evidence | <script async src="https://www.googletagmanager.com/gtag/js?id=AW-857695325"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.googletagmanager.com/gtag/js?id=UA-90034160-1 |
| Attack | |
| Evidence | <script async src="https://www.googletagmanager.com/gtag/js?id=UA-90034160-1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.googletagmanager.com/gtag/js?id=UA-90034160-1 |
| Attack | |
| Evidence | <script async="" src="https://www.googletagmanager.com/gtag/js?id=UA-90034160-1"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.gstatic.com/firebasejs/6.1.0/firebase-app.js |
| Attack | |
| Evidence | <script src="https://www.gstatic.com/firebasejs/6.1.0/firebase-app.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.gstatic.com/firebasejs/6.2.4/firebase-app.js |
| Attack | |
| Evidence | <script src="https://www.gstatic.com/firebasejs/6.2.4/firebase-app.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.gstatic.com/firebasejs/6.2.4/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://www.gstatic.com/firebasejs/6.2.4/firebase-auth.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.gstatic.com/firebasejs/6.2.4/firebase-database.js |
| Attack | |
| Evidence | <script src="https://www.gstatic.com/firebasejs/6.2.4/firebase-database.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.jqueryscript.net/demo/jQuery-Plugin-For-iOS-like-Swipe-To-Delete-swipeTo/swipeTo.js |
| Attack | |
| Evidence | <script src="https://www.jqueryscript.net/demo/jQuery-Plugin-For-iOS-like-Swipe-To-Delete-swipeTo/swipeTo.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://www.pixxett.com/htmldemos/api/v-2/js/script.js |
| Attack | |
| Evidence | <script type="text/javascript" src="https://www.pixxett.com/htmldemos/api/v-2/js/script.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://zapier.com/partner/embed/appdirectory-beta/zapier-elements.esm.js |
| Attack | |
| Evidence | <script type="module" src="https://zapier.com/partner/embed/appdirectory-beta/zapier-elements.esm.js"></script> |
| URL | http://127.0.0.1:5500/insert_DB/write_file/5.html |
| Method | GET |
| Parameter | https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5, |
| Attack | |
| Evidence | <script src="https://zapier.com/zapbook/embed/widget.js?services=JustCall&container=true&limit=5,"></script> |
| URL | https://justcall.io/app/alexa/dump/js/main.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/js/main.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/js/sha1.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/js/sha1.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/animsition/js/animsition.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/animsition/js/animsition.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/bootstrap/js/bootstrap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/bootstrap/js/bootstrap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/bootstrap/js/popper.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/bootstrap/js/popper.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/countdowntime/countdowntime.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/countdowntime/countdowntime.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/daterangepicker/daterangepicker.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/daterangepicker/daterangepicker.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/daterangepicker/moment.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/daterangepicker/moment.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/jquery/jquery-3.2.1.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/jquery/jquery-3.2.1.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/select2/select2.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/alexa/dump/vendor/select2/select2.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/angular/angular.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/angular/angular.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/bootstrap/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/bootstrap/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/boot.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/boot.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine-html.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine-html.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jasmine/lib/jasmine-core/jasmine.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jquery/dist/jquery.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/bootstrap-tagsinput-latest/test/lib/jquery/dist/jquery.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/dist/bootstrap-tagsinput.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/dist/bootstrap-tagsinput.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/dist/bootstrap-tagsinput/bootstrap-tagsinput-angular.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/dist/bootstrap-tagsinput/bootstrap-tagsinput-angular.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/globals/plugins/gmaps/gmaps.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/globals/plugins/gmaps/gmaps.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/callinsights-improve_booksy.js?v=3 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/callinsights-improve_booksy.js?v=3 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/dtmftone.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/dtmftone.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/global-vendors.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/global-vendors.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/incomingcall.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/incomingcall.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/jquery.dataTables.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/jquery.dataTables.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/modernizr.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/modernizr.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/js/notification_center_new.js?0 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/js/notification_center_new.js?0 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/excanvas.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/excanvas.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery-flot/shared/jquery-ui/jquery-ui.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery-flot/shared/jquery-ui/jquery-ui.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery-jvectormap.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery-jvectormap.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery-jvectormap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery-jvectormap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery-mousewheel.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery-mousewheel.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.canvas.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.canvas.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.categories.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.categories.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.crosshair.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.crosshair.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.errorbars.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.errorbars.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.fillbetween.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.fillbetween.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.image.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.image.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.navigate.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.navigate.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.pie.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.pie.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.resize.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.resize.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.selection.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.selection.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.stack.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.stack.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.symbol.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.symbol.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.threshold.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.threshold.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.time.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.flot.time.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/jquery.niftymodals/%5Byour%20path%5D/dist/jquery.niftymodals.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/jquery.niftymodals/%5Byour%20path%5D/dist/jquery.niftymodals.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/abstract-canvas-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/abstract-canvas-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/abstract-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/abstract-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/abstract-shape-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/abstract-shape-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/color-scale.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/color-scale.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/data-series.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/data-series.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/jvectormap.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/jvectormap.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/numeric-scale.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/numeric-scale.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/ordinal-scale.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/ordinal-scale.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/proj.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/proj.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/simple-scale.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/simple-scale.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-canvas-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-canvas-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-circle-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-circle-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-group-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-group-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-path-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-path-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-shape-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/svg-shape-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vector-canvas.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vector-canvas.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-canvas-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-canvas-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-circle-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-circle-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-group-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-group-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-path-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-path-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-shape-element.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/vml-shape-element.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/lib/world-map.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/lib/world-map.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/prettify//path/to/prettify.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/prettify//path/to/prettify.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/bootstrap-datetimepicker.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/bootstrap-datetimepicker.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/select2/select2.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap-editable/js/select2/select2.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/bootstrap-datetimepicker.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/bootstrap-datetimepicker.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/select2/select2.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/bootstrap3-editable/js/select2/select2.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/bootstrap-wysihtml5-0.0.2.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/bootstrap-wysihtml5-0.0.2.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/wysihtml5-0.3.0.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/bootstrap-wysihtml5-0.0.2/wysihtml5-0.3.0.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/wysihtml5.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/inputs-ext/wysihtml5/js/inputs-ext/wysihtml5/wysihtml5.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/select2/select2.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jquery-editable/js/select2/select2.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/js/moment.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/select2/select2.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/lib/x-editable/jqueryui-editable/js/select2/select2.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/src/bootstrap-tagsinput-angular.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/src/bootstrap-tagsinput-angular.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/assets/src/bootstrap-tagsinput.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/assets/src/bootstrap-tagsinput.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/bower_components/jquery/dist/jquery.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/bower_components/jquery/dist/jquery.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/build/jquery.datetimepicker.full.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/build/jquery.datetimepicker.full.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/bootstrap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/fakeLoader.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/fakeLoader.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/joinable.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/joinable.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/multiple-select.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/multiple-select.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/payment/jquery.card.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/payment/jquery.card.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/resizeable.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/resizeable.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/toastr/toastr.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/toastr/toastr.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/TweenMax.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/TweenMax.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/xenon-api.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/xenon-api.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/xenon-custom.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/xenon-custom.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/xenon-toggles.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/js/xenon-toggles.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/assets/owl-carousel/owl.carousel.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/assets/owl-carousel/owl.carousel.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/js/app-dashboard.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/js/app-dashboard.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/js/jquery-1.11.1.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/js/jquery-1.11.1.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/js/main.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/js/main.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/countup/countUp.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/countup/countUp.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.pie.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.pie.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.resize.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/jquery.flot.resize.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/curvedLines.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/curvedLines.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-flot/plugins/jquery.flot.orderBars.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-ui/jquery-ui.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery-ui/jquery-ui.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery.sparkline/jquery.sparkline.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery.sparkline/jquery.sparkline.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery/jquery.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jquery/jquery.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/jquery.vmap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/jquery.vmap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/maps/jquery.vmap.world.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/jqvmap/maps/jquery.vmap.world.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/morrisjs/morris.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/morrisjs/morris.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/raphael/raphael-min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/cancelsub/dump/assets/lib/raphael/raphael-min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/activecampaign/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/agile/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/copper/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshdesk/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/freshsales/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/groove/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/helpscout/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/hubspot/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/infusionsoft/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | //media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js |
| Attack | |
| Evidence | <script type="text/javascript" src="//media.twiliocdn.com/sdk/js/client/v1.6/twilio.min.js"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | //translate.google.com/translate_a/element.js?cb=googleTranslateElementInit |
| Attack | |
| Evidence | <script type="text/javascript" src="//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-app.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-app.js"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-auth.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-auth.js"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/firebase-database.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/firebase-database.js"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/main.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/select2_4.0.13.min.js" charset="UTF-8"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/bootstrap/dist/js/bootstrap.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery-ui/jquery-ui.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2 |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/jquery.gritter/js/jquery.gritter.js?v=2" type="text/javascript"></script> |
| URL | https://justcall.io/app/integrations_/intercom/ |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/lib/perfect-scrollbar/js/perfect-scrollbar.jquery.min.js" type="text/javascript"></script> |
| URL | https://justcall.io/app/jquery.dataTables.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/jquery.dataTables.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/mofa.js?v=1 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/$baseurl/app/macapp/dialer_js/mofa.js?v=1 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/mofa.js?v=1 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/$baseurlapp/macapp/dialer_js/mofa.js?v=1 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/@hubspot/calling-extensions-sdk/demo/bin/index_combined.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/@hubspot/calling-extensions-sdk/demo/bin/index_combined.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_beta_siptransfer.js?v=25 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_beta_siptransfer.js?v=25 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_callingservice_twilioUpdate.js?v=79 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_callingservice_zohophonebridge_copy.js?v=5 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_transfer_fd_two.js?v=%3C?%20echo%20$time;%20?%3E |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_transfer_fd_two.js?v=%3C?%20echo%20$time;%20?%3E |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_new_queue.js?v=410 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/dialer_js/dialer_transfer_live_new_queue.js?v=410 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/macapp/dialer_js/mofa.js?v=1 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/macapp/dialer_js/mofa.js?v=1 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/nativejs-select.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/nativejs-select.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/number_compliance.js?v=15 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/number_compliance.js?v=15 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/number_compliance.js?v=2 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/number_compliance.js?v=2 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/number_compliance_aakash.js?v=1 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/number_compliance_aakash.js?v=1 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/sms_assets/messages-160920.js?v=1117 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/sms_assets/messages-160920.js?v=1117 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/app/sms_assets/messages_2_june_2021_testurl.js?v=0 |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/app/sms_assets/messages_2_june_2021_testurl.js?v=0 |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/contact.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/contact.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/dtmftone.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/dtmftone.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/joinable.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/joinable.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/jquery-2.1.1.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/jquery-2.1.1.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/plugins.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/plugins.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/resizeable.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/resizeable.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/toastr/toastr.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/toastr/toastr.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/TweenMax.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/TweenMax.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/validator.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/validator.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/xenon-api.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/xenon-api.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/xenon-custom.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/xenon-custom.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/js/xenon-toggles.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/js/xenon-toggles.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/lib/datatables/js/dataTables.bootstrap.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/lib/datatables/js/dataTables.bootstrap.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assets/lib/datatables/js/jquery.dataTables.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assets/lib/datatables/js/jquery.dataTables.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assetsindex/admin1/js/layout.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assetsindex/admin1/js/layout.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assetsindex/globals/js/global-vendors.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assetsindex/globals/js/global-vendors.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assetsindex/globals/js/jquery.validate.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assetsindex/globals/js/jquery.validate.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assetsindex/globals/js/pleasure.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assetsindex/globals/js/pleasure.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assetsindex/globals/plugins/modernizr/modernizr.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assetsindex/globals/plugins/modernizr/modernizr.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/assetsindex/globals/scripts/user-pages.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/assetsindex/globals/scripts/user-pages.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/clicktocall/assests/vanilla.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/clicktocall/assests/vanilla.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/common.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/common.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.1.6.4.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.1.6.4.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.easing.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.easing.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.mobile-menu.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.mobile-menu.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.scrollTo-1.4.2-min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/jquery.scrollTo-1.4.2-min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/pixxett.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/pixxett.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/prism.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/prism.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/scroll.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/scroll.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/developer-docs/dump/js/slides.min.jquery.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/developer-docs/dump/js/slides.min.jquery.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/comment-form.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/comment-form.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/contact-form.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/contact-form.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/countrySelect.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/countrySelect.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/html5shiv.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/html5shiv.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/imagesloaded.pkgd.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/imagesloaded.pkgd.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/isotope.pkgd.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/isotope.pkgd.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/jquery.ajaxchimp.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/jquery.ajaxchimp.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/jquery.appear.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/jquery.appear.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/jquery.easing.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/jquery.easing.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/jquery.scrollto.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/jquery.scrollto.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/jquery.stellar.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/jquery.stellar.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/jquery.validate.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/jquery.validate.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/modernizr.custom.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/modernizr.custom.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/owl.carousel.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/owl.carousel.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/quick-form.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/quick-form.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/respond.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/respond.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/retina.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/retina.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/slick.min.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/slick.min.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/dump/assets/js/wow.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/dump/assets/js/wow.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/bootstrap_3.4.1.min.js"></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/app/assets/js/jquery-3.5.1.js"></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/fontawesome.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/fontawesome.min.js"></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jquery.magnific-popup.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jquery.magnific-popup.min.js"></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/lazysizes.min.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/lazysizes.min.js" async></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/main.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/main.js"></script> |
| URL | https://justcall.io/login |
| Method | GET |
| Parameter | https://www.google.com/recaptcha/api.js?render=6Le0tvcUAAAAAKyHkUwP2tmYbzfpUYfz38FnBafs |
| Attack | |
| Evidence | <script src="https://www.google.com/recaptcha/api.js?render=6Le0tvcUAAAAAKyHkUwP2tmYbzfpUYfz38FnBafs"></script> |
| URL | https://justcall.io/marketing/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/marketing/app/assets/lib/jquery.gritter/js/jquery.gritter.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/nextapp/Documentation/assets/js/cufon1.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/nextapp/Documentation/assets/js/cufon1.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| URL | https://justcall.io/script/soundmanager2.js |
| Method | GET |
| Parameter | //js.hs-scripts.com/8972517.js |
| Attack | |
| Evidence | <script type="text/javascript" id="hs-script-loader" async="" defer="" src="//js.hs-scripts.com/8972517.js"></script> |
| URL | https://justcall.io/script/soundmanager2.js |
| Method | GET |
| Parameter | https://cdn.justcall.io/main/assets/js/jcsa.js |
| Attack | |
| Evidence | <script src="https://cdn.justcall.io/main/assets/js/jcsa.js" async=""></script> |
| Instances | 1511 |
| Solution |
Ensure JavaScript source files are loaded from only trusted sources, and the sources can't be controlled by end users of the application.
|
| Reference | |
| CWE Id | 829 |
| WASC Id | 15 |
| Plugin Id | 10017 |
|
Low |
Private IP Disclosure |
|---|---|
| Description |
A private IP (such as 10.x.x.x, 172.x.x.x, 192.168.x.x) or an Amazon EC2 private hostname (for example, ip-10-0-56-78) has been found in the HTTP response body. This information might be helpful for further attacks targeting internal systems.
|
| URL | https://cdn.justcall.io/main/assets/js/fontawesome.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 10.8.1.1 |
| URL | https://justcall.io/assets/js/fontawesome.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 10.8.1.1 |
| URL | https://justcall.io/newsite/assets/js/fontawesome.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 10.8.1.1 |
| URL | https://justcall.io/nextapp/HTML/website/js/fontawesome.min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | 10.8.1.1 |
| Instances | 4 |
| Solution |
Remove the private IP address from the HTTP response body. For comments, use JSP/ASP/PHP comment instead of HTML/JavaScript comment which can be seen by client browsers.
|
| Reference | https://tools.ietf.org/html/rfc1918 |
| CWE Id | 200 |
| WASC Id | 13 |
| Plugin Id | 2 |
|
Low |
Secure Pages Include Mixed Content |
|---|---|
| Description |
The page includes mixed content, that is content accessed via HTTP instead of HTTPS.
|
| URL | https://piktoria.com/assets/admin1/js/bootstrap-timepicker.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | http://piktoria.com/wp-content/uploads/2019/08/piktoria-ad.gif |
| URL | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/collapse.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | http://piktoria.com/wp-content/uploads/2019/08/piktoria-ad.gif |
| URL | https://piktoria.com/assets/globals/plugins/bootstrap-timepicker/js/transition.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | http://piktoria.com/wp-content/uploads/2019/08/piktoria-ad.gif |
| Instances | 3 |
| Solution |
A page that is available over SSL/TLS must be comprised completely of content which is transmitted over SSL/TLS.
The page must not contain any content that is transmitted over unencrypted HTTP.
This includes content from third party sites.
|
| Reference | https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html |
| CWE Id | 311 |
| WASC Id | 4 |
| Plugin Id | 10040 |
|
Informational |
Loosely Scoped Cookie |
|---|---|
| Description |
Cookies can be scoped by domain or path. This check is only concerned with domain scope.The domain scope applied to a cookie determines which domains can access it. For example, a cookie can be scoped strictly to a subdomain e.g. www.nottrusted.com, or loosely scoped to a parent domain e.g. nottrusted.com. In the latter case, any subdomain of nottrusted.com can access the cookie. Loosely scoped cookies are common in mega-applications like google.com and live.com. Cookies set from a subdomain like app.foo.bar are transmitted only to that domain by the browser. However, cookies scoped to a parent-level domain may be transmitted to the parent, or any subdomain of the parent.
|
| URL | https://cs2.salesforce.com/support/api/42.0/lightning/opencti_min.js |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://forms.hubspot.com/collected-forms/v1/config/json?portalId=8972517&utk= |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| URL | https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=8972517¤tUrl=https%3A%2F%2F127.0.0.1%3A5500%2Finsert_DB%2Fwrite_file%2F5.html |
| Method | GET |
| Parameter | |
| Attack | |
| Evidence | |
| Instances | 3 |
| Solution |
Always scope cookies to a FQDN (Fully Qualified Domain Name).
|
| Reference |
https://tools.ietf.org/html/rfc6265#section-4.1
https://owasp.org/www-project-web-security-testing-guide/v41/4-Web_Application_Security_Testing/06-Session_Management_Testing/02-Testing_for_Cookies_Attributes.html http://code.google.com/p/browsersec/wiki/Part2#Same-origin_policy_for_cookies |
| CWE Id | 565 |
| WASC Id | 15 |
| Plugin Id | 90033 |